10.exe

Authenticates Sidebar

Tencent Inc.

The executable 10.exe, “Family Event Revision”, has been detected as malware by 29 anti-virus scanners.

Publisher:
Tencent Inc.

Product:
Authenticates Sidebar

Description:
Family Event Revision

Version:
5.7.2.4

MD5:
b47fec3f674d8dffcf395777690ab1b2

SHA-1:
c71c73c602adbaee96dc1f019e621cf8d0f522bc

SHA-256:
81f8b8a7ca2dff406f1b3fa98779fb02f0994733002893c0ba99f07e59f21770

Scanner detections:
29 / 68

Status:
Malware

Analysis date:
11/29/2024 4:52:30 AM UTC

Scan engine                    Detection                          Engine version
Lavasoft Ad-Aware              Trojan.GenericKD.2761597           -40
Avira AntiVirus                TR/Agent.251392.88                 8.3.2.2
Arcabit                        Trojan.Generic.D2A237D             1.0.0.585
avast!                         Win32:Malware-gen                  2014.9-170316
AVG                            Crypt4                             2018.0.2438
Baidu Antivirus                Trojan.Win32.Generik               4.0.3.17316
Bitdefender                    Trojan.GenericKD.2761597           1.0.20.375
ESET NOD32                     Win32/Kryptik.DYWM (variant)       11.12482
Fortinet FortiGate             W32/Generik.KLNIHQT!tr             3/16/2017
F-Secure                       Trojan.GenericKD.2761597           11.2017-16-03_5
G Data                         Trojan.GenericKD.2761597           17.3.25
IKARUS anti.virus              Trojan.SuspectCRC                  t3scan.1.9.5.0
K7 AntiVirus                   Trojan                             13.212.17685
Kaspersky                      UDS:DangerousObject.Multi.Generic  14.0.0.-1316
Malwarebytes                   Trojan.PasswordStealer.FTP         v2017.03.16.06
McAfee                         RDN/Generic.dx                     5600.6094
Microsoft Security Essentials  Trojan:Win32/Skeeyah.A!bit         1.1.12205.0
MicroWorld eScan               Trojan.GenericKD.2761597           18.0.0.225
NANO AntiVirus                 Trojan.Win32.Agent.dxsrek          0.30.26.3947
nProtect                       Trojan.GenericKD.2761597           15.10.29.01
Panda Antivirus                Trj/Genetic.gen                    17.03.16.06
Qihoo 360 Security             HEUR/QVM10.1.Malware.Gen           1.0.0.1015
Quick Heal                     TrojanAPT.Crypt.r8                 3.17.14.00
Rising Antivirus               PE:Malware.Generic/QRS!1.9E2D [F]  23.00.65.17314
Trend Micro House Call         TROJ_PONIK.E                       7.2.75
Trend Micro                    TROJ_PONIK.E                       10.465.16
VIPRE Antivirus                Trojan.Win32.Generic               44892
ViRobot                        Trojan.Win32.S.Agent.251392.CO[h]  2014.3.20.0
Zillya! Antivirus              Trojan.Kryptik.Win32.799970        2.0.0.2480

File size:
245.5 KB (251,392 bytes)

Product version:
5.7.2.4

Copyright:
Copyright (c) 2006-2014

Trademarks:
Copyright (c) 2006-2014

Original file name:
Authenticates Sidebar.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\10.exe

File PE Metadata
Compilation timestamp:
9/28/2015 7:53:52 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x6B25

Entry point:
E8, 3E, 05, 00, 00, E9, 36, FD, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 08, D2, 40, 00, 89, 0D, 04, D2, 40, 00, 89, 15, 00, D2, 40, 00, 89, 1D, FC, D1, 40, 00, 89, 35, F8, D1, 40, 00, 89, 3D, F4, D1, 40, 00, 66, 8C, 15, 20, D2, 40, 00, 66, 8C, 0D, 14, D2, 40, 00, 66, 8C, 1D, F0, D1, 40, 00, 66, 8C, 05, EC, D1, 40, 00, 66, 8C, 25, E8, D1, 40, 00, 66, 8C, 2D, E4, D1, 40, 00, 9C, 8F, 05, 18, D2, 40, 00, 8B, 45, 00, A3, 0C, D2, 40, 00, 8B, 45, 04, A3, 10, D2, 40, 00, 8D, 45, 08, A3, 1C, D2, 40...

Entropy:
7.0689

Code size:
30 KB (30,720 bytes)
