home

1929kg.exe

MD5:
6f9bea84dc1cba905d73e2438f7d950c

SHA-1:
d2f47eb52cfe561001eae3a269d76cf63e845858

SHA-256:
8a2c4f66729a0c53c03d4f160f12d7c81be3d047c95404958ec5a2caef53d26a

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/24/2024 1:38:24 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Evo-gen [Susp]
2014.9-160806

IKARUS anti.virus
Win32.SuspectCrc
t3scan.2.0.6.0

Qihoo 360 Security
Win32/Trojan.97a
1.0.0.1120

Rising Antivirus
PE:Malware.RDM.17!5.17 [F]
23.00.65.16804

File size:
166.5 KB (170,496 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\1929kg.exe

File PE Metadata
Compilation timestamp:
1/8/2016 7:11:57 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.50

CTPH (ssdeep):
3072:vxCWJZSE3ih/ZOFXPRZzc/c40yRnBB6BBYxf/3JA4:vxCWJZKj8XpZzcU40KnBB6BBYF3O4

Entry address:
0x1717

Entry point:
6A, 00, E8, 90, 06, 00, 00, A3, 40, C2, 41, 00, E8, 8C, 06, 00, 00, 50, E8, 2A, 4E, 00, 00, 83, C4, 04, 68, 70, BC, 41, 00, 68, 80, 00, 00, 00, 68, 47, BB, 41, 00, 68, 6C, BC, 41, 00, 68, 64, BC, 41, 00, 68, 5C, BC, 41, 00, E8, 66, 06, 00, 00, 68, 80, BC, 41, 00, 68, 47, BB, 41, 00, E8, 5D, 07, 00, 00, 0B, C0, 74, 05, E8, DE, 03, 00, 00, 6A, 00, 68, 88, 17, 40, 00, 6A, 00, 6A, 65, FF, 35, 40, C2, 41, 00, E8, 90, 05, 00, 00, 50, E8, 38, 06, 00, 00, 55, 8B, EC, 83, C4, FC, 81, 7D, 0C, 10, 01, 00, 00, 0F, 85...
 
[+]

Entropy:
6.6332

Code size:
21.5 KB (22,016 bytes)

The file 1929kg.exe has been seen being distributed by the following URL.

http://www.filefactory.com/file/.../1929kg.exe

Scan 1929kg.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.