» {7fbadc09-2398-b938-6c29-073c9abecfb1}.exe
Overview
Analysis
File Details

{7fbadc09-2398-b938-6c29-073c9abecfb1}.exe

Pageboy

Prompted

The application {7fbadc09-2398-b938-6c29-073c9abecfb1}.exe has been detected as a potentially unwanted program by 27 anti-malware scanners.

File name:

Publisher:

Prompted

Product:

Pageboy

Description:

Signatures

Version:

0.0.0.0

MD5:

6e2d95d7d7c460287fa318029f56a089

SHA-1:

b7fb55fbe3358726a95e7ca0733322dfef196323

SHA-256:

100f596576a186739bd4fe9d8d498bfc062f9bdd79191789b050740190c57084

Scanner detections:

27 / 68

Status:

Potentially unwanted

Analysis date:

4/1/2025 7:52:00 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Kazy.532540

-40

Agnitum Outpost

Trojan.DL.Hyteod

7.1.1

AhnLab V3 Security

Trojan/Win32.ZBot

2015.02.19

Avira AntiVirus

TR/Dropper.Gen

7.11.211.46

avast!

MSIL:GenMalicious-CEA [Trj]

2014.9-170315

AVG

MSIL6

2018.0.2438

Baidu Antivirus

Trojan.MSIL.Injector

4.0.3.17315

Bitdefender

Gen:Variant.Kazy.532540

1.0.20.370

Dr.Web

Trojan.Kovter.15

9.0.1.074

Emsisoft Anti-Malware

Gen:Variant.Kazy.532540

8.17.03.15.10

ESET NOD32

MSIL/Injector.HCI (variant)

11.11197

Fortinet FortiGate

MSIL/Injector.HDZ!tr

3/15/2017

F-Secure

Gen:Variant.Kazy.532540

11.2017-15-03_4

G Data

Gen:Variant.Kazy.532540

17.3.25

IKARUS anti.virus

Trojan-Downloader.Win32.Hyteod

t3scan.1.8.6.0

K7 AntiVirus

Unwanted-Program

13.196.15011

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.-1315

Malwarebytes

Trojan.MSIL.BVXGen

v2017.03.15.10

McAfee

Ransom-FUJ!6E2D95D7D7C4

5600.6094

MicroWorld eScan

Gen:Variant.Kazy.532540

18.0.0.222

Panda Antivirus

Trj/CI.A

17.03.15.10

Qihoo 360 Security

Win32/Trojan.6f2

1.0.0.1015

Sophos

Mal/Generic-S

4.98

Trend Micro House Call

TROJ_GEN.R08NC0EBE15

7.2.74

Trend Micro

TROJ_GEN.R08NC0EBE15

10.465.15

Vba32 AntiVirus

TrojanDownloader.Hyteod

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Generic

37686

File size:

318 KB (325,678 bytes)

Product version:

0.0.0.0

Scathing Copyright Ref

Trademarks:

Screw

Original file name:

Rotas.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\{7fbadc09-2398-b938-6c29-073c9abecfb1}\{7fbadc09-2398-b938-6c29-073c9abecfb1}.exe

File PE Metadata

Compilation timestamp:

1/9/2015 1:34:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

Entry address:

0x50E4E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

316 KB (323,584 bytes)

Remove {7fbadc09-2398-b938-6c29-073c9abecfb1}.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.