c71e3b38d4bd4af512d5554aa2259e8c.exe


The executable c71e3b38d4bd4af512d5554aa2259e8c.exe, “U5WP5B6M2F8NH0YV8 FileVersion”, has been detected as malware by 32 anti-virus scanners.
Publisher:
FZDKKOMDG83V5R9BHFileDescription  (signed by SAPO)

Product:
R8PN8L8SL19T0F5M8 ProductVersion

Description:
U5WP5B6M2F8NH0YV8 FileVersion

Version:
19.0.77.34

MD5:
c71e3b38d4bd4af512d5554aa2259e8c

SHA-1:
78a3f66ad095506400fd9c2281c256a848b3ec32

SHA-256:
611ac80c93e464ad6d28c5140622f222d5c085022fc9fd3c686662561ac6ccc5

Scanner detections:
32 / 68

Status:
Malware

Analysis date:
4/19/2025 4:32:28 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Trojan.GenericKD.2502977 | 536
Agnitum Outpost | Backdoor.DarkKomet | 7.1.1
AhnLab V3 Security | Trojan/Win32.Agent | 2015.07.24
Avira AntiVirus | TR/Dropper.MSIL.19552 | 8.3.1.6
Arcabit | Trojan.Generic.D263141 | 1.0.0.425
avast! | Win32:Malware-gen | 2014.9-150817
AVG | MSIL8 | 2016.0.3014
Baidu Antivirus | Backdoor.Win32.DarkKomet | 4.0.3.15817
Bitdefender | Trojan.GenericKD.2502977 | 1.0.20.1145
Bkav FE | W32.Clod0da.Trojan | 1.3.0.6979
Comodo Security | UnclassifiedMalware | 22851
Dr.Web | BackDoor.Comet.2406 | 9.0.1.0229
Emsisoft Anti-Malware | Trojan.GenericKD.2502977 | 8.15.08.17.11
ESET NOD32 | MSIL/Injector.KDN (variant) | 9.11987
Fortinet FortiGate | MSIL/KDN!tr | 8/17/2015
F-Secure | Trojan.GenericKD.2502977 | 11.2015-17-08_2
G Data | Trojan.GenericKD.2502977 | 15.8.25
IKARUS anti.virus | Trojan.MSIL.Injector | t3scan.1.9.5.0
K7 AntiVirus | Trojan | 13.207.16662
Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.1565
McAfee | RDN/Generic.tfr!ep | 5600.6670
Microsoft Security Essentials | Backdoor:Win32/Fynloski.A | 1.1.11903.0
MicroWorld eScan | Trojan.GenericKD.2502977 | 16.0.0.687
NANO AntiVirus | Trojan.Win32.DarkKomet.dtbxdv | 0.30.24.2668
nProtect | Trojan.GenericKD.2502977 | 15.07.23.01
Panda Antivirus | Trj/CI.A | 15.08.17.11
Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1015
Quick Heal | Backdoor.DarkKomet.r3 | 8.15.14.00
Sophos | Mal/Generic-S | 4.98
Trend Micro | TROJ_GEN.R03EC0DFL15 | 10.465.17
VIPRE Antivirus | Trojan.Win32.Generic | 42274
Zillya! Antivirus | Backdoor.DarkKomet.Win32.32054 | 2.0.0.2311

File size:
361.6 KB (370,320 bytes)

Product version:
1.27.36.4

Copyright:
G7FXHMII7EEEBMWWHLegalTrademarks

Trademarks:
KWISXOLDWMGASMW3< OriginalFilename

Original file name:
lproc.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:

Authority:
SAPO

Valid from:
6/6/2015 1:08:35 AM

Valid to:
6/6/2016 1:08:35 AM

Subject:
E=cmd@sapo.pt, CN=SAPO.PT, OU=SAPO Division of Protocol, O=SAPO, L=Opalo, S=Jobila, C=AS

Issuer:
E=cmd@sapo.pt, CN=SAPO.PT, OU=SAPO Division of Protocol, O=SAPO, L=Opalo, S=Jobila, C=AS

Serial number:
00A7AB2CD21ECC7345

File PE Metadata
Compilation timestamp:
6/7/2015 12:45:31 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
80.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:z7bimr6lXHupygTVm1jtuhFXTnxHNzkCBkihl9maYOC9n79n8dlFW1B6kQmjsYKk:z/0gttICCigaY9nhmeukVIpRebIi

Entry address:
0x5B56E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
6.1561

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
357.5 KB (366,080 bytes)
