678394399.exe

The executable 678394399.exe has been detected as malware by 13 anti-virus scanners.
MD5: 011701df6f643c05187f8c748d00f8e8

SHA-1: 3595fb7833bfc7abbb7437674cae612f990abd47

SHA-256: 391c8f356f1d2aef344de5d5944f815ba4dae6d9e836fc2c108729c360cdf778

Scanner detections: 13 / 68

Status: Malware

Analysis date: 11/29/2024 4:52:44 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Java.Trojan.GenericGB.1119 | -40 |
| AegisLab AV Signature | Java.Troj.Genericgb!c | 2.1.4+ |
| Arcabit | Java.Trojan.GenericGB.D45F | 1.0.0.802 |
| Bitdefender | Java.Trojan.GenericGB.1119 | 1.0.20.375 |
| Dr.Web | Java.Siggen.110 | 9.0.1.075 |
| Emsisoft Anti-Malware | Java.Trojan.GenericGB.1119 | 8.17.03.16.04 |
| ESET NOD32 | Java/Adwind.SZ (variant) | 11.15095 |
| F-Prot | Java/Adwind.LN | v6.4.7.1.166 |
| F-Secure | Java.Trojan.GenericGB.1119 | 11.2017-16-03_5 |
| G Data | Java.Trojan.GenericGB.1119 | 17.3.A:25.11199B:25.9092 |
| IKARUS anti.virus | Trojan.Java.Adwind | 0.2.1.2 |
| McAfee | Adwind!53C5059F199A | 5600.6094 |
| Microsoft Security Essentials | Trojan:Java/Jrat.C | 1.1.13504.0 |

File size: 3.1 MB (3,291,201 bytes)

File type: Executable application (Win64 EXE)

Common path: C:\users\{user}\appdata\local\temp\678394399.exe

File PE Metadata
OS bitness: Win64

Entry point:
50, 4B, 03, 04, 14, 00, 08, 08, 08, 00, B5, 3A, 6E, 4A, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 39, 00, 04, 00, 63, 6F, 6D, 2F, 67, 69, 74, 68, 75, 62, 2F, 73, 61, 72, 78, 6F, 73, 2F, 77, 65, 62, 63, 61, 6D, 2F, 64, 73, 2F, 63, 67, 74, 2F, 57, 65, 62, 63, 61, 6D, 47, 65, 74, 42, 75, 66, 66, 65, 72, 54, 61, 73, 6B, 2E, 63, 6C, 61, 73, 73, FE, CA, 00, 00, 8D, 53, 6D, 4F, D3, 50, 14, 7E, EE, 36, 56, B6, 15, 99, C0, 04, 44, 50, 04, 74, 2F, 68, E5, 55, 71, 88, 08, 0A, 59, 52, 42, 0C, 44, 13, BF, F5, E5...
 

Entropy: 7.9902 (probably packed)
