Atlava Dll Injector by Phoenix1337.exe

The application Atlava Dll Injector by Phoenix1337.exe has been detected as a potentially unwanted program by 31 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dc508.4shared.com.
MD5:
6843ef86496ed523983392599062c965

SHA-1:
7a0666c6a8f9379fc07cba26cb383a4921c1bde5

SHA-256:
9bb160e1f7ada754b40fbac56407caacaafd9a7d02f03af9e0355e8e263d72b4

Scanner detections:
31 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 4:06:59 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.7760044
949

Agnitum Outpost
HackTool.Injecter
7.1.1

Avira AntiVirus
TR/Rogue.7760044.4
7.11.156.180

avast!
Win32:PUP-gen [PUP]
2014.9-140630

AVG
HackTool
2015.0.3427

Baidu Antivirus
Hacktool.Win32.Injecter
4.0.3.14630

Bitdefender
Trojan.Generic.7760044
1.0.20.905

Bkav FE
W32.Clodc42.Trojan
1.3.0.4959

Comodo Security
UnclassifiedMalware
18662

Dr.Web
Trojan.Click2.33745
9.0.1.0181

ESET NOD32
Win32/DllInject.AQ
8.9996

Fortinet FortiGate
Malware_fam.NB
6/30/2014

F-Prot
W32/Zbot.PM.gen
v6.4.7.1.166

F-Secure
Trojan.Generic.7760044
11.2014-30-06_2

G Data
Trojan.Generic.7760044
14.6.24

IKARUS anti.virus
HackTool.Win32.Injecter
t3scan.1.6.1.0

K7 AntiVirus
Trojan
13.180.12512

Kaspersky
HackTool.Win32.Injecter
14.0.0.3632

McAfee
RDN/Generic PUP.z!db
5600.7083

MicroWorld eScan
Trojan.Generic.7760044
15.0.0.543

NANO AntiVirus
Trojan.Win32.Injecter.xweju
0.28.0.60475

Norman
Suspicious_Gen5.EWKC
11.20140630

nProtect
Trojan.Generic.7760044
14.06.25.01

Panda Antivirus
Generic Malware
14.06.30.03

Qihoo 360 Security
Win32/Trojan.Hacktool.e2d
1.0.0.1015

Quick Heal
HackTool.Injecter.bbj (Not a Virus)
6.14.14.00

Reason Heuristics
Threat.Win.Reputation.IMP
14.12.1.1

Trend Micro House Call
TROJ_SPNR.08KD13
7.2.181

Trend Micro
TROJ_SPNR.08KD13
10.465.30

VIPRE Antivirus
Trojan.Win32.Generic
30636

Zillya! Antivirus
Tool.Injecter.Win32.512
2.0.0.1836

File size:
73.5 KB (75,264 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
11/25/2011 5:55:51 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:L+1QrC5pV23IrXWhBXcbDaEbTI02gDO9kOgPcG/cPnU18g:L0pVkEXWPJNhkOgPcG0fIH

Entry address:
0x38E4

Entry point:
E8, 96, 2D, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, C8, 0F, 41, 00, 89, 0D, C4, 0F, 41, 00, 89, 15, C0, 0F, 41, 00, 89, 1D, BC, 0F, 41, 00, 89, 35, B8, 0F, 41, 00, 89, 3D, B4, 0F, 41, 00, 66, 8C, 15, E0, 0F, 41, 00, 66, 8C, 0D, D4, 0F, 41, 00, 66, 8C, 1D, B0, 0F, 41, 00, 66, 8C, 05, AC, 0F, 41, 00, 66, 8C, 25, A8, 0F, 41, 00, 66, 8C, 2D, A4, 0F, 41, 00, 9C, 8F, 05, D8, 0F, 41, 00, 8B, 45, 00, A3, CC, 0F, 41, 00, 8B, 45, 04, A3, D0, 0F, 41, 00, 8D, 45, 08, A3, DC, 0F, 41...
 
[+]

Code size:
42.5 KB (43,520 bytes)

The file Atlava Dll Injector by Phoenix1337.exe has been seen being distributed by the following URL.

Remove Atlava Dll Injector by Phoenix1337.exe - Powered by Reason Core Security