» {a2df9b5a-4f90-4259-97dc-84dafd0b8790}-njrat_0.5.0.rar
Overview
Analysis
File Details
Downloads (1)

{a2df9b5a-4f90-4259-97dc-84dafd0b8790}-njrat_0.5.0.rar

The file {a2df9b5a-4f90-4259-97dc-84dafd0b8790}-njrat_0.5.0.rar has been detected as a potentially unwanted program by 37 anti-malware scanners. The file has been seen being downloaded from up.dev-point.com.

File name:

MD5:

4be281b59d0235666a5a06f9e50b2495

SHA-1:

319c341ab9a7855585c46ff3286311f3e49d2b60

SHA-256:

96c7bd9a637be433421de714128d7fa81225c67a89a2239a7e07779308727578

Scanner detections:

37 / 68

Status:

Potentially unwanted

Analysis date:

12/29/2024 1:51:51 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Barys.1826

5721239

AegisLab AV Signature

DangerousObject.Multi.Gen

2.1.4+

Agnitum Outpost

Trojan.Rogue

7.1.1

Avira AntiVirus

TR/Rogue.8522602.2

8.3.1.6

Arcabit

Trojan.Barys.D722

1.0.0.425

avast!

Win32:PUP-gen [PUP]

2014.9-150703

AVG

PSW.MSIL

2016.0.3059

Baidu Antivirus

Trojan.MSIL.RatCon

4.0.3.1573

Bitdefender

Gen:Variant.Kazy.265876

1.0.20.920

Clam AntiVirus

Win.Trojan.Agent-883130

0.98/20639

Comodo Security

UnclassifiedMalware

22316

Dr.Web

infected with BackDoor.Bladabindi.1393

9.0.1.05190

Emsisoft Anti-Malware

Gen:Variant.Kazy.265876

10.0.0.5366

ESET NOD32

multiple threats

7.0.302.0

Fortinet FortiGate

W32/Agent.XFQ!tr

7/3/2015

F-Prot

W32/S-898a7bc8

v6.4.7.1.166

F-Secure

Gen:Variant.Kazy.265876

11.2015-03-07_6

G Data

Gen:Variant.Kazy.265876

15.7.25

IKARUS anti.virus

Trojan.SuspectCRC

t3scan.1.9.3.0

K7 AntiVirus

Riskware

13.204.16117

Kaspersky

Constructor.MSIL.RatCon

15.0.0.543

Malwarebytes

HackTool.Agent

v2015.07.03.04

McAfee

Trojan.GenericTRA-BY!D6007C6BF745

17.6.569.0

Microsoft Security Essentials

Threat.Undefined

1.201.601.0

MicroWorld eScan

Gen:Variant.Kazy.265876

16.0.0.552

NANO AntiVirus

Trojan.Win32.Rogue.ctumsf

0.30.24.1636

Norman

Gen:Variant.Kazy.265876

02.06.2015 14:23:46

nProtect

Trojan.Generic.KDV.803567

15.06.02.01

Panda Antivirus

Trj/CI.A

15.07.03.04

Qihoo 360 Security

Trojan.Generic

1.0.0.1015

Quick Heal

HackTool.Jaktinier.r3 (Not a Virus)

7.15.14.00

Sophos

Virus 'Troj/MSIL-CIV'

5.15

Trend Micro House Call

HKTL_RATNJ

7.2.184

Trend Micro

HKTL_RATNJ

10.465.03

Vba32 AntiVirus

Constructor.MSIL.RatCon

3.12.26.4

VIPRE Antivirus

Trojan.Win32.Generic

40788

Zillya! Antivirus

Tool.RatCon.Win32.2

2.0.0.2202

File size:

513.2 KB (525,498 bytes)

Common path:

C:\ProgramData\microsoft\microsoft antimalware\localcopy\{a2df9b5a-4f90-4259-97dc-84dafd0b8790}-njrat_0.5.0.rar

The file {a2df9b5a-4f90-4259-97dc-84dafd0b8790}-njrat_0.5.0.rar has been seen being distributed by the following URL.

http://up.dev-point.com/down-123637.html

Remove {a2df9b5a-4f90-4259-97dc-84dafd0b8790}-njrat_0.5.0.rar - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.