» adobe-photoshop-lightroom-6.1.1-multilanguage-+-patch---appzdam.exe
Overview
Analysis
File Details
Downloads (1)

adobe-photoshop-lightroom-6.1.1-multilanguage-+-patch---appzdam.exe

Boogu

Wqe

The executable adobe-photoshop-lightroom-6.1.1-multilanguage-+-patch---appzdam.exe has been detected as malware by 7 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from m.ulozto.sk.

File name:

Publisher:

Wqe

Product:

Boogu

Description:

Gkoon

Version:

2.5.5.8

MD5:

672d9c8cf5c3ac60d0b4a38069349429

SHA-1:

a9cee2e381a010553fd2c1b7adc42b7e244a0013

SHA-256:

568942d59917e03c8187448b31887b6b717ab36cf4b325c6e1e96b4ce406532a

Scanner detections:

7 / 68

Status:

Malware

Analysis date:

1/12/2025 8:31:27 AM UTC (today)

Scan engine

Detection

Engine version

Dr.Web

Trojan.DownLoader18.224

9.0.1.05190

Emsisoft Anti-Malware

Gen:Variant.MSILPerseus.2834

9.0.0.4157

ESET NOD32

Generik.HFAEBIF trojan

8.0.319.0

Kaspersky

Trojan.MSIL.Zapchast

15.0.0.562

Microsoft Security Essentials

Threat.Undefined

1.223.2074.0

Norman

Gen:Variant.MSILPerseus.2834

28.05.2016 15:32:18

VIPRE Antivirus

Threat.4657539

50170

File size:

415 KB (424,960 bytes)

Product version:

2.5.5.8

Trademarks:

Vwer

Original file name:

ffdfgrertt.exe

File type:

Executable application (Win64 EXE)

Common path:

C:\users\{user}\downloads\obrázky\adobe-photoshop-lightroom-6.1.1-multilanguage-+-patch---appzdam.exe

File PE Metadata

Compilation timestamp:

12/1/2015 11:48:34 PM

OS version:

4.0

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

80.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

6144:he34uakUh7a6WP7+J1vAPz3IOFd58QANilc0piFW0Hq6XeKtA313GW:2a1rWMtAPzbFnSNil3ibq6XeOa13GW

Entry address:

0x67C0A

Entry point:

4D, 5A, 90, 00, 03, 00, 00, 00, 04, 00, 00, 00, FF, FF, 00, 00, B8, 00, 00, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 80, 00, 00, 00, 0E, 1F, BA, 0E, 00, B4, 09, CD, 21, B8, 01, 4C, CD, 21, 54, 68, 69, 73, 20, 70, 72, 6F, 67, 72, 61, 6D, 20, 63, 61, 6E, 6E, 6F, 74, 20, 62, 65, 20, 72, 75, 6E, 20, 69, 6E, 20, 44, 4F, 53, 20, 6D, 6F, 64, 65, 2E, 0D, 0D, 0A, 24, 00, 00, 00, 00, 00, 00, 00... 
[+]

Code size:

407.5 KB (417,280 bytes)

The file adobe-photoshop-lightroom-6.1.1-multilanguage-+-patch---appzdam.exe has been seen being distributed by the following URL.

http://m.ulozto.sk/.../adobe-photoshop-lightroom-6-1-1-multilanguage-patch-appzdam-exe

Remove adobe-photoshop-lightroom-6.1.1-multilanguage-+-patch---appzdam.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.