» לא מאושר 947109.crdownload
Overview
Analysis
File Details
Downloads (10)

לא מאושר 947109.crdownload

תוכנת פריטים למיקמק 2015

The file לא מאושר 947109.crdownload has been detected as malware by 10 anti-virus scanners. The file has been seen being downloaded from f2h.nana10.co.il and multiple other hosts.

File name:

Publisher:

Microsoft* (Invalid match)

Product:

תוכנת פריטים למיקמק 2015

Version:

1.0.0.0

MD5:

b94298a4e634a17e91df08707c7642e3

SHA-1:

7ef8d64f3fdaedbe6d78a20cc746daacff8b2d45

SHA-256:

0d7d20c6060eedee80d8d998146bd2b72416fb019bcf149f6484c6d3dff47eb3

Scanner detections:

10 / 68

Status:

Malware

Analysis date:

4/23/2025 8:03:24 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.15167368

459

Avira AntiVirus

TR/Spy.A.17975

8.3.2.2

Arcabit

Trojan.Generic.DE76F88

1.0.0.582

Bitdefender

Trojan.Generic.15167368

1.0.20.1535

Emsisoft Anti-Malware

Trojan.Generic.15167368

8.15.11.03.05

F-Secure

Trojan.Generic.15167368

11.2015-03-11_3

G Data

Trojan.Generic.15167368

15.11.25

MicroWorld eScan

Trojan.Generic.15167368

16.0.0.921

nProtect

Trojan.Generic.15167368

15.10.16.01

Panda Antivirus

Trj/Sharik.B

15.10.02.03

File size:

885 KB (906,240 bytes)

Product version:

1.0.0.0

Original file name:

תוכנת פריטים למיקמק 2015.exe

Common path:

C:\users\{user}\downloads\?? ????? 947109.crdownload

File PE Metadata

Compilation timestamp:

4/25/2015 7:05:00 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

24576:rIeZ1zhZo3xeuIeZ1zhZo3xeuaIeZ1zhZo3xev:rIIBhZohlIIBhZohdaIIBhZoh

Entry address:

0xDDFAE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 2C, BB, 3B, 55, 00, 00, 00, 00, 02, 00, 00, 00, E0, 00, 00, 00, 1C, E0, 0D, 00, 1C, C4, 0D, 00, 52, 53, 44, 53, 0C, 99, AC, 05, E4, 31, 2B, 4F, 8E, 0F, 3E, 6A, B4, 8C... 
[+]

Entropy:

7.2481

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

880 KB (901,120 bytes)

The file לא מאושר 947109.crdownload has been seen being distributed by the following 10 URLs.

http://f2h.nana10.co.il/.../qxbl9ipby9rg|7ccd79ad73d20cf66e6d54a957954faf|.exe

http://f2h.nana10.co.il/.../qxbl9ipby9rg|ec9b89146dcd92b66d6b6b34590431ce|.exe

http://f2h.nana10.co.il/.../qxbl9ipby9rg|f5d15033374b134fc732055bc1043f4d|.exe

http://serv71.f2h.co.il/.../qxbl9ipby9rg|3d1f2ae2b257d6ccd68119066d8b16ea

http://f2h.nana10.co.il/.../qxbl9ipby9rg|df3afb41d962e1b406ebc49632296a55|.exe

http://f2h.nana10.co.il/.../qxbl9ipby9rg|442f502a67a674c8964da6349881f9fe|.exe

http://f2h.nana10.co.il/.../qxbl9ipby9rg|0b38b7ed0b4abed92948c276fa67ed16|.exe

http://f2h.nana10.co.il/.../qxbl9ipby9rg|6ec6c8b4e3e75dff3975dc59e8af4071|.exe

http://serv71.f2h.co.il/.../qxbl9ipby9rg|8f80b9df306206859fcc2c018fb9b796

http://f2h.nana10.co.il/.../qxbl9ipby9rg|fddc299a3a781fcb7d78d4fae7329889|.exe

Remove לא מאושר 947109.crdownload - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.