Anonymous External Attack.exe

Anonymous External Attack

The application Anonymous External Attack.exe has been detected as a potentially unwanted program by 21 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from downloader.disk.yandex.com.tr and multiple other hosts.
Publisher:
Microsoft*  (Invalid match)

Product:
Anonymous External Attack

Version:
1.0.0.0

MD5:
20e2aa585fc0c9ce6a036ae4f41e988f

SHA-1:
df4b2644052584f40999b455ceecbb6c3bb37f0c

SHA-256:
d5f01c8bae54b9443565bc471fdd56d77b0fe45f2f3238e92d61667f1451c9c4

Scanner detections:
21 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 12:59:04 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.Hacktool.Dos.B
1104

Agnitum Outpost
Riskware.DosAttack
7.1.1

Avira AntiVirus
SPR/DDoS.N
7.11.126.226

Baidu Antivirus
Malware.Win32.HackTool
4.0.3.14127

Bitdefender
Application.Hacktool.Dos.B
1.0.20.135

Bkav FE
W32.Clod0b1.Trojan
1.3.0.4923

Comodo Security
Application.Win32.DosAttack.~A
17667

Emsisoft Anti-Malware
Trojan.MSIL.DosAttack
8.14.01.27.07

ESET NOD32
MSIL/DosAttack
8.9333

F-Secure
Application.Hacktool.Dos
11.2014-27-01_2

G Data
Application.Hacktool.Dos
14.1.24

IKARUS anti.virus
possible-Threat.DDoS.N
t3scan.2.2.29

K7 AntiVirus
Trojan
13.175.10956

Malwarebytes
Trojan.FakeMS
v2014.01.27.07

MicroWorld eScan
Application.Hacktool.Dos.B
15.0.0.81

Reason Heuristics
Unnamed.Threat.25
14.2.26.11

Sophos
Mal/Generic-S
4.97

Trend Micro House Call
HKTL_DDOS
7.2.27

Trend Micro
HKTL_DDOS
10.465.27

VIPRE Antivirus
Trojan.Win32.Generic
25756

ViRobot
HackTool.DDos.218112
2011.4.7.4223

File size:
213 KB (218,112 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © Microsoft 2012

Original file name:
Anonymous External Attack.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

File PE Metadata
Compilation timestamp:
3/22/2012 12:54:27 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:DcyImitfdlBiJ/F60r+Sbg8DR+QZvn6ut:DcyqtuYCVbVRZ

Entry address:
0x406E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.6731

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
8.5 KB (8,704 bytes)

The file Anonymous External Attack.exe has been seen being distributed by the following 15 URLs.

https://downloader.disk.yandex.com.tr/disk/9e7ab04956aabcff06f5eebc2e0052672f352173798a96e1341faa02c1d5fb76/583fc3a4/.../x-msdownload&fsize=218112&hid=efdd0258893ce038236b68df8909a52d&media_type=executable&tknv=v2

https://downloader.disk.yandex.com.tr/disk/8efb9d231b4529f38da857d48d7d2bf71ee73f4a55beaaf213de7cff918d16e3/5877fc57/.../x-msdownload&fsize=218112&hid=efdd0258893ce038236b68df8909a52d&media_type=executable&tknv=v2

https://downloader.disk.yandex.com.tr/disk/1f9fb7067f45f8a5f413b0a299ceb1f54631dcad30d191fd68997b5762b25c7c/589f1a34/ZWAuOpc_LB29odokUpx24TL5RbkJYK9jjlJSTM2M_BnlttRbB15y9bTJqg0ONj9tPeBIMyaBEmMk5fo-hgzNbg==?uid=0&filename=Anonymous External Attack.exe&disposition=attachment&hash=BMQYzltO39as2qnr6C3UJACqDnGHiqcNSbGMHbDovtU=:/.../x-msdownload&fsize=218112&hid=efdd0258893ce038236b68df8909a52d&media_type=executable&tknv=v2

http://img1.file-upload.cc:182/d/.../Anonymous External Attack.exe

https://downloader.disk.yandex.com.tr/disk/c6987198bc919e9318db8a55deaaf1d07956cdd9fdd50a768ccaf702e77d16df/5815e9f8/ZWAuOpc_LB29odokUpx24TL5RbkJYK9jjlJSTM2M_BnlttRbB15y9bTJqg0ONj9tPeBIMyaBEmMk5fo-hgzNbg==?uid=0&filename=Anonymous External Attack.exe&disposition=attachment&hash=BMQYzltO39as2qnr6C3UJACqDnGHiqcNSbGMHbDovtU=:/.../x-msdownload&fsize=218112&hid=efdd0258893ce038236b68df8909a52d&media_type=executable&tknv=v2

https://downloader.disk.yandex.com.tr/disk/04feec14e8af0bd408de9ddb2b7e9fc156594fdfee83086eaf14e96f9df210dc/5833429f/ZWAuOpc_LB29odokUpx24TL5RbkJYK9jjlJSTM2M_BnlttRbB15y9bTJqg0ONj9tPeBIMyaBEmMk5fo-hgzNbg==?uid=0&filename=Anonymous External Attack.exe&disposition=attachment&hash=BMQYzltO39as2qnr6C3UJACqDnGHiqcNSbGMHbDovtU=:/.../x-msdownload&fsize=218112&hid=efdd0258893ce038236b68df8909a52d&media_type=executable&tknv=v2

https://downloader.disk.yandex.com.tr/disk/552963ff32e5e0b02a2372f7f65feffb3a0314577af5aeeefcff2ca9bb8a7b50/581f594e/ZWAuOpc_LB29odokUpx24TL5RbkJYK9jjlJSTM2M_BnlttRbB15y9bTJqg0ONj9tPeBIMyaBEmMk5fo-hgzNbg==?uid=0&filename=Anonymous External Attack.exe&disposition=attachment&hash=BMQYzltO39as2qnr6C3UJACqDnGHiqcNSbGMHbDovtU=:/.../x-msdownload&fsize=218112&hid=efdd0258893ce038236b68df8909a52d&media_type=executable&tknv=v2

https://downloader.disk.yandex.com.tr/disk/200ab5b85d96fa0c5590c97c8250ab594821c49a29b0c9795f976d6ea2d5b6a2/57fa3792/.../x-msdownload&fsize=218112&hid=efdd0258893ce038236b68df8909a52d&media_type=executable&tknv=v2

https://downloader.disk.yandex.com.tr/disk/fb3a3cf538053b7e0b19f5b7a43ec29f4c66521d59fa2460dd8701e7b786b6e0/582acce9/ZWAuOpc_LB29odokUpx24TL5RbkJYK9jjlJSTM2M_BnlttRbB15y9bTJqg0ONj9tPeBIMyaBEmMk5fo-hgzNbg==?uid=0&filename=Anonymous External Attack.exe&disposition=attachment&hash=BMQYzltO39as2qnr6C3UJACqDnGHiqcNSbGMHbDovtU=:/.../x-msdownload&fsize=218112&hid=efdd0258893ce038236b68df8909a52d&media_type=executable&tknv=v2

http://dc720.4shared.com/download/.../Anonymous_External_Attack.exe

Remove Anonymous External Attack.exe - Powered by Reason Core Security