277c0c7c84d9d2e069bf1130a2a4bed2.exe

The executable 277c0c7c84d9d2e069bf1130a2a4bed2.exe has been detected as malware by 5 anti-virus scanners. This backdoor trojan may be used to conduct distributed denial-of-service attacks, to install additional trojans or other forms of malicious software, and to steal your sensitive information.
Version:
0.0.0.0

MD5:
bd88919ac8310f324ba7d6a90e71c503

SHA-1:
048481ae79ee64436b60f4e1377c02895658e34d

SHA-256:
08afdcff9f1ebd9d59d0e75adf5511ea8f3ce8100159b9465756424ef4810d88

Scanner detections:
5 / 68

Status:
Malware

Analysis date:
4/1/2025 8:45:47 PM UTC

Scan engine | Detection | Engine version
Clam AntiVirus | Win.Worm.Njrat-2 | 0.98/23207
Dr.Web | Trojan.DownLoader16.35573 | 9.0.1.05190
ESET NOD32 | MSIL/Bladabindi.AH worm | 6.3.12010.0
F-Secure | Generic.MSIL.Bladabindi.6918DA77 | 5.16.24
Microsoft Security Essentials | Backdoor:MSIL/Bladabindi.AJ | 1.237.1231.0

File size:
44 KB (45,056 bytes)

Product version:
0.0.0.0

Original file name:
Stub.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\roaming\microsoft\windows\start menu\programs\startup\277c0c7c84d9d2e069bf1130a2a4bed2.exe

File PE Metadata
Compilation timestamp:
2/19/2017 11:53:55 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

Entry address:
0xBA0E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
39 KB (39,936 bytes)

User Start Menu Item
Name:
277c0c7c84d9d2e069bf1130a2a4bed2.exe

