401hk.exe

ESET, spol. s r.o.

The application 401hk.exe by ESET, spol. s r.o. has been detected as a potentially unwanted program by 35 anti-malware scanners. It runs as a Windows service named “Qrstuv Xyabcdef Hijklmno Qrst”.

Publisher: ESET, spol. s r.o. (signed and verified)
MD5: 01cff2982562b9767b5cdf92ec18cfb1
SHA-1: edaa85c04be0c240d48b31f0a59351569be71b53
Scanner detections: 35 / 68
Status: Potentially unwanted
Analysis date: 12/24/2024 4:57:13 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Symmi.5603 | -39 |
| AegisLab AV Signature | Troj.W32.Gen.lLFP | 2.1.4+ |
| AhnLab V3 Security | Trojan/Win32.Fynloski.R154397 | 3.8.3.16 |
| Avira AntiVirus | BDS/Backdoor.Gen | 8.3.3.4 |
| Arcabit | Trojan.Symmi.D15E3 | 1.0.0.798 |
| avast! | Win32:Downloader-UAD [Trj] | 2014.9-170315 |
| AVG | BackDoor.Generic_r | 2018.0.2439 |
| Baidu Antivirus | Win32.Trojan.Farfli | 4.0.3.17315 |
| Bitdefender | Gen:Variant.Symmi.5603 | 1.0.20.370 |
| Bkav FE | W32.Clodff3.Trojan | 1.3.0.8876 |
| Comodo Security | TrojWare.Win32.Magania.~AAD | 26747 |
| Dr.Web | Trojan.DownLoader9.4292 | 9.0.1.074 |
| Emsisoft Anti-Malware | Gen:Variant.Symmi.5603 | 8.17.03.15.04 |
| ESET NOD32 | Win32/Farfli.AFJ (variant) | 11.15077 |
| Fortinet FortiGate | W32/Farfli.BAB!tr | 3/15/2017 |
| F-Prot | W32/Symmi.AA.gen | v6.4.7.1.166 |
| G Data | Gen:Variant.Symmi.5603 | 17.3.A:25.11155B:25.9069 |
| IKARUS anti.virus | Backdoor.Win32.Zegost | 0.2.1.2 |
| K7 AntiVirus | Unwanted-Program | 13.10.4.22689 |
| Kaspersky | Trojan-GameThief.Win32.Magania | 14.0.0.-1311 |
| McAfee | GenericRXAD-MK!01CFF2982562 | 5600.6095 |
| Microsoft Security Essentials | Backdoor:Win32/Zegost.BZ | 1.1.13504.0 |
| MicroWorld eScan | Gen:Variant.Symmi.5603 | 18.0.0.222 |
| NANO AntiVirus | Trojan.Win32.Magania.emcekl | 1.0.70.15657 |
| Panda Antivirus | Trj/CI.A | 17.03.15.04 |
| Qihoo 360 Security | Win32/Trojan.Downloader.be6 | 1.0.0.1120 |
| Quick Heal | Backdoor.Zegost.BZ4 | 3.17.14.00 |
| Rising Antivirus | Malware.Generic.5!tfe (cloud:h4xPRtu1bsK) | 23.00.65.17313 |
| Sophos | Mal/Behav-116 | 4.98 |
| Trend Micro House Call | BKDR_ZEGOST_FI080021.UVPM | 7.2.74 |
| Trend Micro | BKDR_ZEGOST_FI080021.UVPM | 10.465.15 |
| Vba32 AntiVirus | TrojanPSW.Magania | 3.12.26.4 |
| VIPRE Antivirus | BehavesLike.Win32.Malware.wsc (mx-v) | 56604 |
| ViRobot | Trojan.Win32.Z.Symmi.144644[h] | 2014.3.20.0 |
| Zillya! Antivirus | Trojan.Farfli.Win32.19836 | 2.0.0.3230 |

File size: 141.3 KB (144,644 bytes)
File type: Executable application (Win32 EXE)
Common path: C:\Windows\System32\401hk.exe

Digital Signature

Authority: VeriSign, Inc.
Valid from: 5/9/2007 7:00:00 AM
Valid to: 6/9/2010 6:59:59 AM
Subject: CN="ESET, spol. s r.o.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="ESET, spol. s r.o.", L=Bratislava, S=Slovakia, C=SK
Issuer: CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Serial number: 2B22252B478A1A91A8BC2B8B7F2D96EA

File PE Metadata

Compilation timestamp: 11/5/2014 7:47:34 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 6.0
Entry address: 0x19FCF
Entry point: 55, 8B, EC, 6A, FF, 68, D0, C2, 41, 00, 68, A6, 9F, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 30, B2, 41, 00, 59, 83, 0D, 80, 59, 42, 00, FF, 83, 0D, 84, 59, 42, 00, FF, FF, 15, 34, B2, 41, 00, 8B, 0D, 7C, 59, 42, 00, 89, 08, FF, 15, 38, B2, 41, 00, 8B, 0D, 78, 59, 42, 00, 89, 08, A1, 3C, B2, 41, 00, 8B, 00, A3, 88, 59, 42, 00, E8, 1D, 01, 00, 00, 39, 1D, 40, 1E, 42, 00, 75, 0C, 68, 58, A1, 41, 00, FF, 15, 40, B2...
 

Entropy: 6.2486
Developed / compiled with: Microsoft Visual C++ v6.0
Code size: 104 KB (106,496 bytes)

Service

Display name: Qrstuv Xyabcdef Hijklmno Qrst
Service name: Qrstuvwx Abcdefghi Klmnopq Stuvwxya Cde
Description: Qrstuv Xyabcdef Hij
Type: Win32OwnProcess, InteractiveProcess

