home

4096

Bullified Corporation

The file 4096 has been detected as malware by 4 anti-virus scanners.
Publisher:
Bullified Corporation  (signed and verified)

MD5:
e2fc1cdcda88cffee8230f03e6cefd9a

SHA-1:
7cfeb5f4b72e219e420a2ad7bef3e59a7262c429

SHA-256:
0df43945775222b11eb89c6f49e462dc47f79c5a8e474c20e3fd1023203b9b2e

Scanner detections:
4 / 68

Status:
Malware

Analysis date:
11/27/2024 8:45:10 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
MSIL/Kryptik.FRN trojan
8.0.319.0

McAfee
Trojan.Trojan-FIHN!E2FC1CDCDA88
18.0.204.0

Microsoft Security Essentials
Threat.Undefined
1.219.190.0

Norman
Gen:Variant.Razy.39949
02.04.2016 17:35:19

File size:
401 KB (410,672 bytes)

Common path:
C:\users\{user}\appdata\local\temp\4096

Digital Signature
Signed by:
Bullified Corporation

Authority:
Bullified Corporation

Valid from:
3/29/2016 9:43:18 PM

Valid to:
3/30/2026 9:43:18 PM

Subject:
E=adl@bullified.com, CN=Bullified Ltd., OU=MIIO Dept., O=Bullified Corporation, L=Sydney, S=New South Wales, C=AU

Issuer:
E=adl@bullified.com, CN=Bullified Ltd., OU=MIIO Dept., O=Bullified Corporation, L=Sydney, S=New South Wales, C=AU

Serial number:
00D49F2215296B86E7

File PE Metadata
Compilation timestamp:
4/4/2016 3:31:12 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:qOq5oJvrvwfEOT+cQ3F3yrwL3w5BOixVDqQzcjDo7:JE4w8PcQ3FhANDoQ7

Entry address:
0x6466E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9270

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
394 KB (403,456 bytes)

Remove 4096 - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.