» 555.exe
Overview
Analysis
File Details
Downloads (1)

555.exe

555

The executable 555.exe has been detected as malware by 23 anti-virus scanners. The file has been seen being downloaded from exeupp.com.

File name:

555.exe

Product:

555

Version:

1.0.0.0

MD5:

de55e6077c7c1bb838cfc972ab6a7c81

SHA-1:

ee3e9096d34fb1f7e2fe03f85b58a8e7f67e7f03

SHA-256:

cde117579d72ce7ce33e97815aa204fc609a40f54b7ea47c03bc270be19316d0

Scanner detections:

23 / 68

Status:

Malware

Analysis date:

11/27/2024 10:48:09 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Dropper.MSIL.222786

8.3.2.2

Arcabit

Trojan.Kazy.DBBC5C

1.0.0.597

avast!

Win32:Malware-gen

2014.9-151119

AVG

Atros2

2016.0.2921

Bitdefender

Gen:Variant.Kazy.769116

1.0.20.1615

Dr.Web

BackDoor.Bladabindi.1056

9.0.1.0323

Emsisoft Anti-Malware

Gen:Variant.Kazy.769116

8.15.11.19.01

ESET NOD32

MSIL/Kryptik.DYD (variant)

9.12577

Fortinet FortiGate

MSIL/Kryptik.DYD!tr

11/19/2015

F-Secure

Gen:Variant.Kazy.769116

11.2015-19-11_5

G Data

Gen:Variant.Kazy.769116

15.11.25

IKARUS anti.virus

Trojan.MSIL.Crypt

t3scan.1.9.5.0

K7 AntiVirus

Trojan

13.212.17873

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.1100

McAfee

Artemis!DE55E6077C7C

5600.6577

Microsoft Security Essentials

Trojan:Win32/Skeeyah.A!rfn

1.1.12205.0

MicroWorld eScan

Gen:Variant.Kazy.769116

16.0.0.969

NANO AntiVirus

Trojan.Win32.Kryptik.dypprt

0.30.26.4437

Panda Antivirus

Trj/GdSda.A

15.11.19.01

Qihoo 360 Security

Win32/Trojan.Dropper.307

1.0.0.1077

Sophos

Mal/Generic-S

4.98

Trend Micro

TROJ_GEN.R00JC0DKE15

10.465.19

VIPRE Antivirus

Trojan.Win32.Generic

45248

File size:

58 KB (59,392 bytes)

Product version:

1.0.0.0

Original file name:

555.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\temp\555.exe

File PE Metadata

Compilation timestamp:

11/7/2015 4:36:03 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

768:D5DDR+SVMeYv8AEW2kzuROKsaGtOiVccTU4eV7cMMK5IonAdNhRnUEj8xT:D5DDR+S28fWrOOKdGk054V7RbnCuy8J

Entry address:

0xCF3E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.0555

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

44 KB (45,056 bytes)

The file 555.exe has been seen being distributed by the following URL.

http://exeupp.com//.../c6d4a8c.exe

Remove 555.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.