» Atlava Dll Injector by Phoenix1337.exe
Overview
Analysis
File Details
Downloads (1)

Atlava Dll Injector by Phoenix1337.exe

The application Atlava Dll Injector by Phoenix1337.exe has been detected as a potentially unwanted program by 31 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dc508.4shared.com.

File name:

MD5:

6843ef86496ed523983392599062c965

SHA-1:

7a0666c6a8f9379fc07cba26cb383a4921c1bde5

SHA-256:

9bb160e1f7ada754b40fbac56407caacaafd9a7d02f03af9e0355e8e263d72b4

Scanner detections:

31 / 68

Status:

Potentially unwanted

Analysis date:

11/2/2024 1:23:11 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.7760044

949

Agnitum Outpost

HackTool.Injecter

7.1.1

Avira AntiVirus

TR/Rogue.7760044.4

7.11.156.180

avast!

Win32:PUP-gen [PUP]

2014.9-140630

AVG

HackTool

2015.0.3427

Baidu Antivirus

Hacktool.Win32.Injecter

4.0.3.14630

Bitdefender

Trojan.Generic.7760044

1.0.20.905

Bkav FE

W32.Clodc42.Trojan

1.3.0.4959

Comodo Security

UnclassifiedMalware

18662

Dr.Web

Trojan.Click2.33745

9.0.1.0181

ESET NOD32

Win32/DllInject.AQ

8.9996

Fortinet FortiGate

Malware_fam.NB

6/30/2014

F-Prot

W32/Zbot.PM.gen

v6.4.7.1.166

F-Secure

Trojan.Generic.7760044

11.2014-30-06_2

G Data

Trojan.Generic.7760044

14.6.24

IKARUS anti.virus

HackTool.Win32.Injecter

t3scan.1.6.1.0

K7 AntiVirus

Trojan

13.180.12512

Kaspersky

HackTool.Win32.Injecter

14.0.0.3632

McAfee

RDN/Generic PUP.z!db

5600.7083

MicroWorld eScan

Trojan.Generic.7760044

15.0.0.543

NANO AntiVirus

Trojan.Win32.Injecter.xweju

0.28.0.60475

Norman

Suspicious_Gen5.EWKC

11.20140630

nProtect

Trojan.Generic.7760044

14.06.25.01

Panda Antivirus

Generic Malware

14.06.30.03

Qihoo 360 Security

Win32/Trojan.Hacktool.e2d

1.0.0.1015

Quick Heal

HackTool.Injecter.bbj (Not a Virus)

6.14.14.00

Reason Heuristics

Threat.Win.Reputation.IMP

14.12.1.1

Trend Micro House Call

TROJ_SPNR.08KD13

7.2.181

Trend Micro

TROJ_SPNR.08KD13

10.465.30

VIPRE Antivirus

Trojan.Win32.Generic

30636

Zillya! Antivirus

Tool.Injecter.Win32.512

2.0.0.1836

File size:

73.5 KB (75,264 bytes)

File type:

Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp:

11/25/2011 5:55:51 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

1536:L+1QrC5pV23IrXWhBXcbDaEbTI02gDO9kOgPcG/cPnU18g:L0pVkEXWPJNhkOgPcG0fIH

Entry address:

0x38E4

Entry point:

E8, 96, 2D, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, C8, 0F, 41, 00, 89, 0D, C4, 0F, 41, 00, 89, 15, C0, 0F, 41, 00, 89, 1D, BC, 0F, 41, 00, 89, 35, B8, 0F, 41, 00, 89, 3D, B4, 0F, 41, 00, 66, 8C, 15, E0, 0F, 41, 00, 66, 8C, 0D, D4, 0F, 41, 00, 66, 8C, 1D, B0, 0F, 41, 00, 66, 8C, 05, AC, 0F, 41, 00, 66, 8C, 25, A8, 0F, 41, 00, 66, 8C, 2D, A4, 0F, 41, 00, 9C, 8F, 05, D8, 0F, 41, 00, 8B, 45, 00, A3, CC, 0F, 41, 00, 8B, 45, 04, A3, D0, 0F, 41, 00, 8D, 45, 08, A3, DC, 0F, 41... 
[+]

Code size:

42.5 KB (43,520 bytes)

The file Atlava Dll Injector by Phoenix1337.exe has been seen being distributed by the following URL.

http://dc508.4shared.com/download/.../atlava_dll_injector.exe

Remove Atlava Dll Injector by Phoenix1337.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.