bzpfyosvbc.exe

pattern

The executable bzpfyosvbc.exe has been detected as malware by 6 anti-virus scanners. The file has been observed being downloaded from evaporez.com.

Product:
pattern

Description:
pattern

Version:
1, 0, 0, 1

MD5:
fd372a8b0644efcdd999c7bb5406c0b5

SHA-1:
2bce1eba87b0472bbaf60a208683a9786afb0d9c

SHA-256:
415b74b156feb135c037a6a4bfbab03d9875689c59343078c32406b2f0f5efbb

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
11/5/2024 1:52:20 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | TR/Crypt.Xpack.313468 | 8.3.2.2 |
| Emsisoft Anti-Malware | Trojan.Win32.Injector | 8.15.11.07.02 |
| ESET NOD32 | Win32/Boaxxe.BR | 9.12528 |
| Kaspersky | Trojan.Win32.Diple | 14.0.0.1160 |
| Malwarebytes | Trojan.Xcsidl | v2015.11.07.02 |
| Qihoo 360 Security | QVM19.1.Malware.Gen | 1.0.0.1077 |

File size:
148 KB (151,554 bytes)

Product version:
1, 0, 0, 1

Copyright:
(C) 2011

Original file name:
pattern.exe

File type:
Executable application (Win32 EXE)

Language:
Icelandic (Iceland)

Common path:
C:\users\{user}\appdata\local\temp\bzpfyosvbc.exe

File PE Metadata
Compilation timestamp:
11/2/2015 12:18:43 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:PRdWKe7sIWL9HoNVJEUxVxTUpgWCW+46Q0AsJkIIVTmDd33:3/os3oNUonTUpR6Q0JJkIcy533

Entry address:
0x1551

Entry point:
55, 8B, EC, 6A, FF, 68, 08, 38, 40, 00, E9, 14, 16, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC...
Entropy:
7.0927

Developed / compiled with:
Microsoft Visual C++

Code size:
8 KB (8,192 bytes)

The file bzpfyosvbc.exe has been seen being distributed by the following URL.