home

active malware lifetime_axkr.exe

Patch Malware Lifetime

jenny@vnz.com

The application active malware lifetime_axkr.exe, “Active Malwarebytes Anti-Malware Lifetime” has been detected as a potentially unwanted program by 25 anti-malware scanners. This file is typically installed with the program Malwarebytes Anti-Malware version 2.2.0.1024 by Malwarebytes. The file has been seen being downloaded from www62.zippyshare.com and multiple other hosts.
Publisher:
jenny@vnz.com

Product:
Patch Malware Lifetime

Description:
Active Malwarebytes Anti-Malware Lifetime

Version:
2.2.0.1024

MD5:
698f17eca20c6caf8cf272066653cdf2

SHA-1:
bf533af2c333bb93e28b1272916a7007ea1001ff

SHA-256:
915adf6b0af7a5c6aa404a5b7cc47480069f1abd4935f60d81eeb0a2b989efd6

Scanner detections:
25 / 68

Status:
Potentially unwanted

Analysis date:
1/13/2025 7:17:46 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.15341548
394

Agnitum Outpost
Trojan.Agent
7.1.1

Avira AntiVirus
APPL/ChangeHost.pdgli
8.3.2.4

Arcabit
Trojan.Generic.DEA17EC
1.0.0.642

avast!
Win32:Malware-gen
2014.9-160107

Baidu Antivirus
Hacktool.BAT.HostsChanger
4.0.3.1617

Bitdefender
Trojan.Generic.15341548
1.0.20.35

Clam AntiVirus
Win.Trojan.12106397
0.98/21511

Dr.Web
Trojan.KillFiles.57415
9.0.1.07

Emsisoft Anti-Malware
Trojan.Generic.15341548
8.16.01.07.05

ESET NOD32
BAT/HostsChanger.A potentially unsafe
10.12825

Fortinet FortiGate
Adware/HostsChanger
1/7/2016

F-Prot
W32/Trojan2.ONRH
v6.4.7.1.166

F-Secure
Trojan.Generic.15341548
11.2016-07-01_5

G Data
Trojan.Generic.15341548
16.1.25

K7 AntiVirus
Unwanted-Program
13.212.18331

Malwarebytes
Trojan.Dropper.SFX
v2016.01.07.05

McAfee
Artemis!698F17ECA20C
5600.6528

MicroWorld eScan
Trojan.Generic.15341548
17.0.0.21

NANO AntiVirus
Trojan.Win32.KillFiles.dyzlnq
1.0.14.5380

nProtect
Trojan.Generic.15341548
16.01.05.01

Panda Antivirus
Trj/CI.A
16.01.07.05

Qihoo 360 Security
HEUR/QVM06.2.Malware.Gen
1.0.0.1077

Trend Micro
TROJ_GE.DE3E69CD
10.465.07

VIPRE Antivirus
Trojan.Win32.Generic
46298

File size:
520.4 KB (532,911 bytes)

Product version:
2.2.0.1024

Copyright:
(c) Jenny. All rights reserved.

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\roaming\skype\my skype received files\active malware lifetime_axkr.exe

File PE Metadata
Compilation timestamp:
11/18/2015 4:15:19 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:5G8Nypeg5k0//Y7gxCiCZDpGvAGQm6frYz2aGppbWaQ0/O6tK68:5LNyp3v/JxCiCa57irYDGpy0m6EN

Entry address:
0x1DA8B

Entry point:
E8, 86, 63, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, 8D, 45, 08, 50, 8B, F1, E8, 82, FC, FF, FF, C7, 06, F0, B2, 42, 00, 8B, C6, 5E, 5D, C2, 04, 00, C7, 01, F0, B2, 42, 00, E9, 37, FD, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, F1, C7, 06, F0, B2, 42, 00, E8, 24, FD, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, 8A, CA, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 56, 57, 8B, 7D, 08, 8B, 47, 04, 85, C0, 74, 47, 8D, 50, 08, 80, 3A, 00, 74, 3F, 8B, 75, 0C, 8B, 4E, 04, 3B, C1, 74, 14, 83, C1, 08...
 
[+]

Entropy:
6.1344

Code size:
163 KB (166,912 bytes)

The file active malware lifetime_axkr.exe has been discovered within the following program.

Malwarebytes Anti-Malware version 2.2.0.1024  by Malwarebytes
www.malwarebytes.org
About 1% of users remove it
 
Powered by Should I Remove It?

The file active malware lifetime_axkr.exe has been seen being distributed by the following 4 URLs.

http://www62.zippyshare.com/d/BHEgynh9/.../Active Malware Lifetime.exe

http://www62.zippyshare.com/d/BHEgynh9/.../Active Malware Lifetime.exe

http://www62.zippyshare.com/d/BHEgynh9/.../Active Malware Lifetime.exe

http://download028.fshare.vn/dl/.../Active Malware Lifetime_AXKR.exe

Remove active malware lifetime_axkr.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.