1741

Tixati Software Inc.

The file 1741 has been detected as malware by 27 anti-virus scanners.

Publisher:
Jomtion legola  (signed by Tixati Software Inc.)

Product:
Jomtion legola

Version:
7.01.0007

MD5:
9584282bf4cef7c63c058a9684216805

SHA-1:
474322decec74c84e3634535df7559233d3c03d8

SHA-256:
4a5341af153b70daf8ea24a739e768dffa216cc3df250c189ab4709cbf5fbfad

Scanner detections:
27 / 68

Status:
Malware

Analysis date:
12/27/2024 6:20:04 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Generic.15124518 | 137 |
| Agnitum Outpost | Backdoor.Tofsee | 7.1.1 |
| Avira AntiVirus | TR/Dropper.VB.37278 | 8.3.2.2 |
| Arcabit | Trojan.Generic.DE6C826 | 1.0.0.582 |
| avast! | Win32:Malware-gen | 2014.9-160919 |
| AVG | Inject3 | 2017.0.2615 |
| Baidu Antivirus | Trojan.Win32.Injector | 4.0.3.16919 |
| Bitdefender | Trojan.Generic.15124518 | 1.0.20.1315 |
| Dr.Web | Trojan.Spambot.12689 | 9.0.1.0263 |
| Emsisoft Anti-Malware | Trojan.Generic.15124518 | 8.16.09.19.08 |
| ESET NOD32 | Win32/Injector.CJSA (variant) | 10.12397 |
| Fortinet FortiGate | W32/CJSA!tr | 9/19/2016 |
| F-Secure | Trojan.Generic.15124518 | 11.2016-19-09_2 |
| G Data | Trojan.Generic.15124518 | 16.9.25 |
| IKARUS anti.virus | Trojan.Win32.Injector | t3scan.1.9.5.0 |
| K7 AntiVirus | Trojan | 13.210.17511 |
| Kaspersky | Backdoor.Win32.Tofsee | 14.0.0.-429 |
| McAfee | RDN/Generic BackDoor | 5600.6271 |
| Microsoft Security Essentials | Backdoor:Win32/Tofsee.T | 1.1.12101.0 |
| MicroWorld eScan | Trojan.Generic.15124518 | 17.0.0.789 |
| NANO AntiVirus | Trojan.Win32.Tofsee.dxoghb | 0.30.26.3947 |
| nProtect | Trojan.Generic.15124518 | 15.10.12.01 |
| Panda Antivirus | Generic Suspicious | 16.09.19.08 |
| Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1015 |
| Sophos | Mal/VB-APR | 4.98 |
| Trend Micro | TROJ_GEN.R028C0DJ815 | 10.465.19 |
| VIPRE Antivirus | Trojan.Win32.Generic | 44506 |

File size:
138 KB (141,352 bytes)

Product version:
7.01.0007

Original file name:
Jomtion legola.exe

Language:
Bulgarian (Bulgaria)

Common path:
C:\users\{user}\appdata\local\temp\1741

Digital Signature
Authority:
StartCom Ltd.

Valid from:
9/3/2014 5:41:38 PM

Valid to:
9/4/2016 3:25:38 PM

Subject:
E=support@tixati.com, CN=Tixati Software Inc., O=Tixati Software Inc., L=Toronto, S=Ontario, C=CA, Description=i5lM5uso21UxjYzI

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
0FFE

File PE Metadata
Compilation timestamp:
10/2/2015 2:08:43 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:O+IOnilQkAHAbG2fdjMBgj5ZjA/bMIg8oDFVzw:tnt3gbGuddXPZJw

Entry address:
0x1270

Entry point:
68, F0, 65, 41, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, B1, 2C, A4, 1C, C3, CE, 04, 4A, A2, A8, AC, 96, 2D, AA, 9D, 47, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 74, 7A, 0D, 0A, 43, 61, 46, 72, 69, 65, 64, 65, 6E, 73, 66, 65, 73, 74, 65, 6E, 00, 20, 00, 00, 00, 00, FF, CC, 31, 00, 06, 49, 07, B3, 42, D2, B6, 98, 48, B8, D2, 90, 8B, 7E, 0B, 2E, C7, 18, 9B, D9, F3, A3, C6, 15, 42, B4, 12, 0C, FE, EF, 2B, 7F, 44, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 

Entropy:
7.2327

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
112 KB (114,688 bytes)
