home

antifreeze by bisoon.exe

RealAntiFreeze By BISOON

Toshiba

Publisher:
Toshiba

Product:
RealAntiFreeze By BISOON

Version:
1.0.0.0

MD5:
607650a8ac3e8635b5cfabae7e4e6383

SHA-1:
b15896b16a0a2780d8066525c5906ed85fbf36b3

SHA-256:
219dad7c065ca07a894c780395900c49876d7e1b6eb09a4892a9353ad3b1c448

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/27/2024 1:53:43 PM UTC  (today)

Scan engine
Detection
Engine version

ViRobot
Trojan.Win32.A.Agent.515072.K[h]
2014.3.20.0

File size:
503 KB (515,072 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © Toshiba 2015

Original file name:
RealAntiFreeze By BISOON.exe

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
6/11/2015 12:18:56 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:uHvbSLKUS0pdJZRXxBZnGuKSBLXH5Xi9hHCG1awdq8JMxsD+bigrG0sqXGx:uuj7bBxKALXchl1DdbUvb+KG

Entry address:
0x3CFB6

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, C0, 03, 00, 0C, 00, 00, 00, B8, 3F, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
3.7932

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
236 KB (241,664 bytes)

The file antifreeze by bisoon.exe has been seen being distributed by the following 2 URLs.

http://download1980.mediafire.com/75l4e1gbsoyg/.../AntiFreeze By BISOON.exe

http://download1286.mediafire.com/nbtn263919tg/.../AntiFreeze By BISOON.exe

Scan antifreeze by bisoon.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.