» 1741
Overview
Analysis
File Details

1741

Tixati Software Inc.

The file 1741 has been detected as malware by 27 anti-virus scanners.

File name:

1741

Publisher:

Jomtion legola (signed by Tixati Software Inc.)

Product:

Jomtion legola

Version:

7.01.0007

MD5:

9584282bf4cef7c63c058a9684216805

SHA-1:

474322decec74c84e3634535df7559233d3c03d8

SHA-256:

4a5341af153b70daf8ea24a739e768dffa216cc3df250c189ab4709cbf5fbfad

Scanner detections:

27 / 68

Status:

Malware

Analysis date:

11/16/2024 5:24:36 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.15124518

137

Agnitum Outpost

Backdoor.Tofsee

7.1.1

Avira AntiVirus

TR/Dropper.VB.37278

8.3.2.2

Arcabit

Trojan.Generic.DE6C826

1.0.0.582

avast!

Win32:Malware-gen

2014.9-160919

AVG

Inject3

2017.0.2615

Baidu Antivirus

Trojan.Win32.Injector

4.0.3.16919

Bitdefender

Trojan.Generic.15124518

1.0.20.1315

Dr.Web

Trojan.Spambot.12689

9.0.1.0263

Emsisoft Anti-Malware

Trojan.Generic.15124518

8.16.09.19.08

ESET NOD32

Win32/Injector.CJSA (variant)

10.12397

Fortinet FortiGate

W32/CJSA!tr

9/19/2016

F-Secure

Trojan.Generic.15124518

11.2016-19-09_2

G Data

Trojan.Generic.15124518

16.9.25

IKARUS anti.virus

Trojan.Win32.Injector

t3scan.1.9.5.0

K7 AntiVirus

Trojan

13.210.17511

Kaspersky

Backdoor.Win32.Tofsee

14.0.0.-429

McAfee

RDN/Generic BackDoor

5600.6271

Microsoft Security Essentials

Backdoor:Win32/Tofsee.T

1.1.12101.0

MicroWorld eScan

Trojan.Generic.15124518

17.0.0.789

NANO AntiVirus

Trojan.Win32.Tofsee.dxoghb

0.30.26.3947

nProtect

Trojan.Generic.15124518

15.10.12.01

Panda Antivirus

Generic Suspicious

16.09.19.08

Qihoo 360 Security

HEUR/QVM03.0.Malware.Gen

1.0.0.1015

Sophos

Mal/VB-APR

4.98

Trend Micro

TROJ_GEN.R028C0DJ815

10.465.19

VIPRE Antivirus

Trojan.Win32.Generic

44506

File size:

138 KB (141,352 bytes)

Product version:

7.01.0007

Original file name:

Jomtion legola.exe

Language:

Bulgarian (Bulgaria)

Common path:

C:\users\{user}\appdata\local\temp\1741

Digital Signature

Signed by:

Tixati Software Inc.

Authority:

StartCom Ltd.

Valid from:

9/3/2014 5:41:38 PM

Valid to:

9/4/2016 3:25:38 PM

Subject:

E=support@tixati.com, CN=Tixati Software Inc., O=Tixati Software Inc., L=Toronto, S=Ontario, C=CA, Description=i5lM5uso21UxjYzI

Issuer:

CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:

0FFE

File PE Metadata

Compilation timestamp:

10/2/2015 2:08:43 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

3072:O+IOnilQkAHAbG2fdjMBgj5ZjA/bMIg8oDFVzw:tnt3gbGuddXPZJw

Entry address:

0x1270

Entry point:

68, F0, 65, 41, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, B1, 2C, A4, 1C, C3, CE, 04, 4A, A2, A8, AC, 96, 2D, AA, 9D, 47, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 74, 7A, 0D, 0A, 43, 61, 46, 72, 69, 65, 64, 65, 6E, 73, 66, 65, 73, 74, 65, 6E, 00, 20, 00, 00, 00, 00, FF, CC, 31, 00, 06, 49, 07, B3, 42, D2, B6, 98, 48, B8, D2, 90, 8B, 7E, 0B, 2E, C7, 18, 9B, D9, F3, A3, C6, 15, 42, B4, 12, 0C, FE, EF, 2B, 7F, 44, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00... 
[+]

Entropy:

7.2327

Developed / compiled with:

Microsoft Visual Basic v5.0

Code size:

112 KB (114,688 bytes)

Remove 1741 - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.