82199-autoclick.exe

AutoClick

The executable 82199-autoclick.exe has been detected as malware by 17 anti-virus scanners. Accoriding to the detections, it is a variant of Zbot (Zeus), a trojan that attempts to steal confidential information (online credentials, and banking details) from a compromised computer and send it to online criminals via a command-and-control server. The file has been seen being downloaded from download802.fshare.vn and multiple other hosts.
Product:
AutoClick

Version:
2, 2, 0, 0

MD5:
cbcfaeb22e4847a6b1c33bb520b6920a

SHA-1:
926688042fac9c639cd4762a77ae961427828b6f

SHA-256:
e7fc99b82c52128706118fa50cdd20341920297146924cdf01629db920c83d0a

Scanner detections:
17 / 68

Status:
Malware

Analysis date:
12/25/2024 1:53:40 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Trojan.CL.Agent
7.1.1

Baidu Antivirus
Trojan.Win32.Clicker
4.0.3.14324

Bkav FE
W32.Clode52.Trojan
1.3.0.4959

Clam AntiVirus
Win.Trojan.8256801
0.98/18355

Comodo Security
TrojWare.Win32.TrojanClicker.Agent.NFX0
17980

Dr.Web
Tool.Autoclick
9.0.1.083

F-Prot
W32/Trojan2.MHVI
v6.4.7.1.166

K7 AntiVirus
Trojan
13.176.11524

McAfee
Generic.dx!CBCFAEB22E48
5600.7182

NANO AntiVirus
Trojan.Win32.MHVI.ckmfy
0.28.0.58491

Norman
Suspicious_Gen2.FBJC
11.20140324

nProtect
Trojan/W32.Agent.258048.EB
14.03.23.01

Rising Antivirus
PE:Trojan.Win32.Generic.126B342B!309015595
23.00.65.14322

Total Defense
Win32/Tnega.AGYF
37.0.10835

VIPRE Antivirus
Trojan.Win32.Generic
27680

ViRobot
Trojan.Win32.A.Zbot.258048.AS
2011.4.7.4223

XVirus List
Win.Detected
2.3.31

File size:
252 KB (258,048 bytes)

Product version:
2, 2, 0, 0

Copyright:
Copyright (C) BestSoftwareCenter 2008

Original file name:
AutoClick.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\auto click 2.2\82199-autoclick.exe

File PE Metadata
Compilation timestamp:
11/4/2008 3:05:04 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:w9/hnvuqg1X6xlr0Uxl2K9TVDYFIVMJTqU3m3ZYIEnMhd3:whhnv3giqUxwCZYiVMFr3cz

Entry address:
0x1DF86

Entry point:
55, 8B, EC, 6A, FF, 68, 20, 12, 42, 00, 68, 0C, E1, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 10, 04, 42, 00, 59, 83, 0D, B0, 64, 42, 00, FF, 83, 0D, B4, 64, 42, 00, FF, FF, 15, 0C, 04, 42, 00, 8B, 0D, A4, 64, 42, 00, 89, 08, FF, 15, 08, 04, 42, 00, 8B, 0D, A0, 64, 42, 00, 89, 08, A1, 04, 04, 42, 00, 8B, 00, A3, AC, 64, 42, 00, E8, 16, 01, 00, 00, 39, 1D, C0, 5B, 42, 00, 75, 0C, 68, 08, E1, 41, 00, FF, 15, 00, 04...
 
[+]

Entropy:
5.0567

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
124 KB (126,976 bytes)

The file 82199-autoclick.exe has been seen being distributed by the following 50 URLs.

http://download802.fshare.vn/dl/.../AutoClick 2.2.exe

http://download802.fshare.vn/dl/.../AutoClick 2.2.exe

http://api2.tenlua.vn/filemanager/builddownload/.../?hash=017bb428e24868021468352b73ea70812762f9d6fb17a956bf33c46ec9564714622079f8e76d2fb11522f7f10d2e0c53443212dfbaf54e65765cc34ef480dd9fc59cfe87d04890fff620350af9108261c709862bad5517719c1c30cd74231bf9d234a32b114627e58c9fed751229c675e02dbb1d5a0939624c7a66&url=0b3da36fa30172185e30306174fd75853636b390ad53eb4da0&down=0b3da36fa30172185e30306174fd75853636b390ad53fc55a0&jump_type=download&file=autoclick-2.2.exe

http://api2.tenlua.vn/filemanager/builddownload/.../?hash=0122a378a10a6e071d33383f33ab6882263afbd7f01bfa5dfe3292329849190e622079f8e76d2fb11522f7f10d2e0c53443212dfbaf54e65765cc34ef480dd9fc59cfe87d04890fff620350af9108261c709862bad5517719c1c30cd74231bf9d234a32b114627e58c9fed751229c675e02dbb1d5a0939624c7a66&url=0b3da36fa30172185e30306174fd75853636b390ad53eb4da0&down=0b3da36fa30172185e30306174fd75853636b390ad53fc55a0&jump_type=download&file=autoclick-2.2.exe

http://download802.fshare.vn/dl/.../AutoClick 2.2.exe

http://api2.tenlua.vn/filemanager/builddownload/.../?hash=532db32ea14b3b441864333938af758e2a67a58ff00faf5fec608a66c253421c622079f8e76d2fb11522f7f10d2e0c53443212dfbaf54e65765cc34ef480dd9fc59cfe87d04890fff620350af9108261c709862bad5517719c1c30cd74231bf9d234a32b114627e58c9fed751229c675e02dac1a45&url=0b3da36fa30172185e30306174fd75853636b390ad53eb4da0&down=0b3da36fa30172185e30306174fd75853636b390ad53fc55a0&jump_type=download&file=autoclick-2.2.exe

http://download803.fshare.vn/dl/.../AutoClick 2.2.exe

http://download802.fshare.vn/dl/.../AutoClick 2.2.exe

http://api2.tenlua.vn/filemanager/builddownload/.../?hash=1320a52aa0582c5d4b306f2e6baa7885323dfbd5ab4ffa51b628966fd84f4f1b622079f8e76d2fb11522f7f10d2e0c53443212dfbaf54e65765cc34ef480dd9fc59cfe87d04890fff620350af9108261c709862bad5517719c1c30cd74231bf9d234a32b114627e58c9fed751229c675e02dbb1d5a0939624c7a66&url=0b3da36fa30172185e30306174fd75853636b390ad53eb4da0&down=0b3da36fa30172185e30306174fd75853636b390ad53fc55a0&jump_type=download&file=autoclick-2.2.exe

http://download010.fshare.vn/dl/.../AutoClick 2.2.exe

http://download1595.mediafire.com/u2rodd8i1lgg/.../autoclick_2_2.exe

http://download010.fshare.vn/dl/.../AutoClick 2.2.exe

http://dc773.4shared.com/download/.../82199-AutoClick.exe

http://api2.tenlua.vn/filemanager/builddownload/.../?hash=017ee778e8523b5a433b623a6efd6a9b716eacd1f01dfe51bf618c64db484212622079f8e76d2fb11522f7f10d2e0c53443212dfbaf54e65765cc34ef480dd9fc59cfe87d04890fff620350af9108261c709862bad5517719c1c30cd74231bf9d234a32b114627e58c9fed751229c675e02dbb1d5a0939624c7a66&url=0b3da36fa30172185e30306174fd75853636b390ad53eb4da0&down=0b3da36fa30172185e30306174fd75853636b390ad53fc55a0&jump_type=download&file=autoclick-2.2.exe

http://download010.fshare.vn/dl/.../AutoClick 2.2.exe

http://download010.fshare.vn/dl/.../AutoClick 2.2.exe

http://download010.fshare.vn/dl/.../AutoClick 2.2.exe

http://download802.fshare.vn/dl/.../AutoClick 2.2.exe

http://api2.tenlua.vn/filemanager/builddownload/.../?hash=0578b57ab44a32035b60617a34f42888713df2d0ad4ba00be561cd7ec4534b0b622079f8e76d2fb11522f7f10d2e0c53443212dfbaf54e65765cc34ef480dd9fc59cfe87d04890fff620350af9108261c709862bad5517719c1c30cd74231bf9d234a32b114627e58c9fed751229c675e02dbb1d5a0939624c7a66&url=0b3da36fa30172185e30306174fd75853636b390ad53eb4da0&down=0b3da36fa30172185e30306174fd75853636b390ad53fc55a0&jump_type=download&file=autoclick-2.2.exe

http://download010.fshare.vn/dl/.../AutoClick 2.2.exe

blob:FA7165BD-7FCA-492A-BEBE-DC23F44746B0

http://download781.mediafire.com/iestk1q4551g/.../autoclick-2.2.exe

http://api2.tenlua.vn/filemanager/builddownload/.../?hash=1228bc6abb0f31534b65322339ac7f8d3031ef88f408fa5feb6b946a9a4e561d622079f8e76d2fb11522f7f10d2e0c53443212dfbaf54e65765cc34ef480dd9fc59cfe87d04890fff620350af9108261c709862bad5517719c1c30cd74231bf9d234a32b114627e58c9fed751229c675e02dbb1d5a0939624c7a66&url=0b3da36fa30172185e30306174fd75853636b390ad53eb4da0&down=0b3da36fa30172185e30306174fd75853636b390ad53fc55a0&jump_type=download&file=autoclick-2.2.exe

http://api2.tenlua.vn/filemanager/builddownload/.../?hash=073fb36eba4e6b0458706f7a35f722852631fa8ff10faa51e237c568df4a5646622079f8e76d2fb11522f7f10d2e0c53443212dfbaf54e65765cc34ef480dd9fc59cfe87d04890fff620350af9108261c709862bad5517719c1c30cd74231bf9d234a32b114627e58c9fed751229c675e02dbb1d5a0939624c7a66&url=0b3da36fa30172185e30306174fd75853636b390ad53eb4da0&down=0b3da36fa30172185e30306174fd75853636b390ad53fc55a0&jump_type=download&file=autoclick-2.2.exe

http://download010.fshare.vn/dl/.../AutoClick 2.2.exe

https://mega.nz/persistent/.../zRhw3bzS

http://www.tusfiles.net/c4e10ooi4fup

https://mega.nz/persistent/.../LxUBUYYC

http://download010.fshare.vn/dl/.../AutoClick 2.2.exe

http://s10845.chomikuj.pl/File.aspx?e=FgTJ_RrN0xjNdQFkvNJ5n7DoD9MWYHFxp3FIoAb59hkbAuGlu3__wI6NxMoq917Kx4LMSIACAJNFhNadFycH2Q_PgxH8Uz8PZuJl9a_moPHhPrOcBGfpwQhOgVmAh97MUwT6TKGG191-vmAZmNYKwA&pv=2

Latest 30 of 74 download URLs

Remove 82199-autoclick.exe - Powered by Reason Core Security