7pm tech - w8 aio tool 1.1.0.1.exe

The executable 7pm tech - w8 aio tool 1.1.0.1.exe (“7pm Tech W8 AIO Tool”) has been detected as malware by 33 anti-virus scanners. While running, it connects to the Internet address ip-70.32.1.32.hosted.by.gigenet.com on port 80 using the HTTP protocol.

Publisher:
7pm Tech

Product:
7pm Tech - W8 AIO Tool

Description:
7pm Tech W8 AIO Tool

Version:
1.1.0.1

MD5:
1d0570f4ea47e047fdf441d819cc089e

SHA-1:
4894bbb17faa598c4048c334f0d2b2a849ac1133

SHA-256:
eb65edaed8eaf30c434ae07185ccb20c7efd23341a2196887a0e364a85d5c93e

Scanner detections:
33 / 68

Status:
Malware

Analysis date:
11/14/2024 8:38:45 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Kazy.156627 | 873 |
| Agnitum Outpost | Trojan.Genome | 7.1.1 |
| AhnLab V3 Security | Win-Trojan/Genome.K.976896 | 2014.09.15 |
| avast! | Win32:Malware-gen | 2014.9-140915 |
| AVG | Generic30 | 2015.0.3351 |
| Baidu Antivirus | Trojan.Win32.Genome | 4.0.3.14915 |
| Bitdefender | Gen:Variant.Kazy.156627 | 1.0.20.1290 |
| Clam AntiVirus | Win.Trojan.MSIL-11 | 0.98/21411 |
| Comodo Security | UnclassifiedMalware | 19516 |
| Dr.Web | Trojan.Click2.57533 | 9.0.1.0258 |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.156627 | 8.14.09.15.07 |
| Fortinet FortiGate | W32/Genome.ALFJF!tr | 9/15/2014 |
| F-Secure | Gen:Variant.Kazy.156627 | 11.2014-15-09_2 |
| G Data | Gen:Variant.Kazy.156627 | 14.9.24 |
| IKARUS anti.virus | Trojan.SuspectCRC | t3scan.1.7.8.0 |
| K7 AntiVirus | Trojan | 13.183.13358 |
| Kaspersky | Trojan.Win32.Genome | 14.0.0.3248 |
| McAfee | Generic.dx!1D0570F4EA47 | 5600.7007 |
| MicroWorld eScan | Gen:Variant.Kazy.156627 | 15.0.0.774 |
| NANO AntiVirus | Trojan.Win32.Genome.cqmfbt | 0.28.2.61942 |
| Norman | Troj_Generic.GINSG | 11.20140915 |
| nProtect | Trojan/W32.Genome.976896.B | 14.09.14.01 |
| Panda Antivirus | Trj/CI.A | 14.09.15.07 |
| Qihoo 360 Security | Win32/Trojan.a57 | 1.0.0.1015 |
| Quick Heal | Trojan.gen.r3 | 9.14.14.00 |
| Rising Antivirus | PE:Trojan.Win32.Generic.13EDEB0D!334359309 | 23.00.65.14913 |
| Sophos | Mal/Generic-L | 4.98 |
| Trend Micro House Call | TROJ_SPNR.29J813 | 7.2.258 |
| Trend Micro | TROJ_SPNR.29J813 | 10.465.15 |
| Vba32 AntiVirus | TScope.Trojan.MSIL | 3.12.26.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 33132 |
| ViRobot | Trojan.Win32.A.Genome.976896.A | 2011.4.7.4223 |
| Zillya! Antivirus | Trojan.Genome.Win32.244833 | 2.0.0.1923 |

File size:
954 KB (976,896 bytes)

Product version:
1.1.0.1

Copyright:
Copyright © 7pm Tech 2012

Original file name:
7pm Tech - W8 AIO Tool.exe

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
12/25/2012 10:50:34 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:Y4teLXPsfA9EFWQwGcNfyIPQ+2/vhAOLYnvLHQgncKm12Zz2DD:reLEf8E5w71R/sqOQvLHQwcKmOzOD

Entry address:
0xCC90A

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
810.5 KB (829,952 bytes)

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to ip-70.32.1.32.hosted.by.gigenet.com  (70.32.1.32:80)
