atom pack.exe

Y5C11ZtKvOW9UtjumzNET61XWJX08Iai4bJwbK

FX6eQ31ALMcOJgv

The executable atom pack.exe, “y0Z4c0fifID8770f0n96bv”, has been detected as malware by 23 anti-virus scanners. It is a setup program used to install the application. The file has been seen being downloaded from hyperurl.co.
Publisher:
FX6eQ31ALMcOJgv

Product:
Y5C11ZtKvOW9UtjumzNET61XWJX08Iai4bJwbK

Description:
y0Z4c0fifID8770f0n96bv

Version:
0.0.6.6

MD5:
8a4fa72788b1504d44dbe42a9eb8cc25

SHA-1:
3b19e8324a90157dabb6f34094a40e8de0e69d65

SHA-256:
c945cea71d9849cbf105f476b1ba75861b9960a092983e49a5168261323474d1

Scanner detections:
23 / 68

Status:
Malware

Analysis date:
12/27/2024 12:01:51 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.GenericKD.2207465 | 206 |
| Avira AntiVirus | TR/Spy.Banker.179712.3 | 3.6.1.96 |
| avast! | Win32:Dropper-gen [Drp] | 2014.9-160712 |
| Baidu Antivirus | Trojan.Win32.Banker | 4.0.3.16712 |
| Bitdefender | Trojan.GenericKD.2207465 | 1.0.20.970 |
| Emsisoft Anti-Malware | Trojan.GenericKD.2207465 | 8.16.07.12.03 |
| ESET NOD32 | MSIL/TrojanClicker.Agent.NKB (variant) | 10.11455 |
| Fortinet FortiGate | W32/Agent.UZW!tr | 7/12/2016 |
| F-Secure | Trojan.GenericKD.2207465 | 11.2016-12-07_3 |
| G Data | Trojan.GenericKD.2207465 | 16.7.25 |
| IKARUS anti.virus | Trojan.SuspectCRC | t3scan.1.8.9.0 |
| K7 AntiVirus | Riskware | 13.202.15554 |
| Kaspersky | Trojan-Banker.Win32.Agent | 14.0.0.-83 |
| McAfee | Artemis!8A4FA72788B1 | 5600.6340 |
| MicroWorld eScan | Trojan.GenericKD.2207465 | 17.0.0.582 |
| NANO AntiVirus | Trojan.Win32.Agent.dpfgpn | 0.30.10.952 |
| nProtect | Trojan.GenericKD.2207465 | 15.04.10.01 |
| Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1015 |
| Quick Heal | TrojanBanker.Agent.r4 | 7.16.14.00 |
| Trend Micro House Call | TROJ_GEN.R047C0ECH15 | 7.2.194 |
| Trend Micro | TROJ_GEN.R047C0ECH15 | 10.465.12 |
| Vba32 AntiVirus | TScope.Trojan.MSIL | 3.12.26.3 |
| ViRobot | Trojan.Win32.A.Agent.179712.AD[h] | 2014.3.20.0 |

File size:
175.5 KB (179,712 bytes)

Product version:
1.1.5.4

Copyright:
r6s0gYvD6hfm

Original file name:
C:\Atom Pack.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\atom pack.exe

File PE Metadata
Compilation timestamp:
3/3/2015 7:14:58 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:oi32g0bBEILy4wnVWTcty4wnVWTcZ3YX/aEOZIMyteIIP/ijYihIiCgBtZiDc4Rh:UTjLenDenP3K/aJZIjG/ih3CsA0ftU

Entry address:
0x223EE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 52, 43, F5, 54, 00, 00, 00, 00, 02, 00, 00, 00, 1C, 01, 00, 00, 1C, 40, 02, 00, 1C, 08, 02, 00, 52, 53, 44, 53, 66, 24, A4, 4E, EA, B8, E9, 4D, A8, F7, D1, F1, 29, E9, A6, 5A, 01, 00, 00, 00, 43, 3A, 5C, 55, 73, 65, 72, 73, 5C, 41, 6E, 74, 69, 78, 5C, 44, 6F, 63, 75, 6D, 65, 6E, 74, 73, 5C, 56, 69, 73, 75, 61, 6C, 20, 53, 74, 75, 64, 69, 6F, 20, 32, 30, 31, 33, 5C, 50, 72, 6F, 6A, 65, 63, 74, 73, 5C, 41, 74, 6F, 6D, 20...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
129 KB (132,096 bytes)

The file atom pack.exe has been seen being distributed by the following URL.
