» aimbot.exe
Overview
Analysis
File Details
Downloads (1)

aimbot.exe

The executable aimbot.exe has been detected as malware by 28 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from fs13n1.sendspace.com.

File name:

aimbot.exe

MD5:

d9d3a9588e29429a9dea679f308bd833

SHA-1:

1bf4be47d3bc0bf250806acf003c63c208d28523

SHA-256:

e0dc742eb62b0c1663442b337eb078dc66a9b412cf0a28064e2760ade4f71358

Scanner detections:

28 / 68

Status:

Malware

Analysis date:

11/23/2024 9:45:19 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.1906491

185

Avira AntiVirus

BDS/Fynloski.A.17128

7.11.203.36

avast!

Win32:Agent-AUIU [Trj]

2014.9-160803

AVG

Generic11_c

2017.0.2663

Baidu Antivirus

Backdoor.Win32.DarkKomet

4.0.3.1683

Bitdefender

Trojan.GenericKD.1906491

1.0.20.1080

Comodo Security

UnclassifiedMalware

20773

Dr.Web

BackDoor.Comet.1783

9.0.1.0216

Emsisoft Anti-Malware

Backdoor.Win32.Fynloski

8.16.08.03.02

ESET NOD32

Win32/Fynloski.AA

10.11040

Fortinet FortiGate

W32/Fynloski.AA!tr

8/3/2016

F-Secure

Trojan.GenericKD.1906491

11.2016-03-08_4

G Data

Trojan.GenericKD.1906491

16.8.24

IKARUS anti.virus

Backdoor.Win32.Fynloski

t3scan.1.8.6.0

K7 AntiVirus

Trojan

13.191.14689

Kaspersky

Backdoor.Win32.DarkKomet

14.0.0.-190

McAfee

Artemis!D9D3A9588E29

5600.6319

Microsoft Security Essentials

Backdoor:Win32/Fynloski.A

1.11302

NANO AntiVirus

Trojan.Win32.Comet.dgyqcd

0.30.0.64448

Norman

Suspicious_Gen5.AWSDE

11.20160803

nProtect

Trojan.GenericKD.1906491

15.01.19.01

Qihoo 360 Security

HEUR/Malware.QVM10.Gen

1.0.0.1015

Quick Heal

Backdoor.Fynloski.g5

8.16.14.00

Rising Antivirus

PE:Trojan.Win32.Generic.1763A4B2!392406194

23.00.65.16801

Sophos

Mal/Generic-S

4.98

Trend Micro House Call

TROJ_GEN.R011C0DJG14

7.2.216

Trend Micro

TROJ_GEN.R011C0DJG14

10.465.03

VIPRE Antivirus

Trojan.Win32.Generic

36802

File size:

2.8 MB (2,962,944 bytes)

File type:

Executable application (Win32 EXE)

Language:

English (Wielka Brytania)

Common path:

C:\users\{user}\downloads\aimbot.exe

File PE Metadata

Compilation timestamp:

10/5/2014 1:13:05 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

49152:rkwkn9IMHea8+R9Tjbe5aMGTQppHTz9urSmZtZv6YsGGluq1Y8rKV3Xp0gasugpj:4dnVN9Tl92TArSmvZv6Yiu9Gu3XSgazf

Entry address:

0x26BF7

Entry point:

E8, 97, CF, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, 58, 01, 4C, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, 70, A3, 4B, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, 58, 01, 4C, 00, 00, 0F, 83, A7, 01, 00, 00, F7, C7, 03... 
[+]

Code size:

560 KB (573,440 bytes)

The file aimbot.exe has been seen being distributed by the following URL.

https://fs13n1.sendspace.com/dl/038b503197586ab0e1abf82c4760f77f/56eecae74217f73e/.../Aimbot.exe

Remove aimbot.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.