{c93b9b4c-6b05-454e-9076-095704f729c7}

The file {c93b9b4c-6b05-454e-9076-095704f729c7} has been detected as malware by 26 anti-virus scanners. The file has been seen being downloaded from raw.github.com.
MD5:
12da52573eb25e00a923b5b6dc495fbe

SHA-1:
6b022dfabb40d114966ae106de5ba77fcb7430dd

SHA-256:
46a259e0b8c3450de2ec055bce55ddf2357335e997b4dc8b16991aacf1c6fb68

Scanner detections:
26 / 68

Status:
Malware

Analysis date:
12/25/2024 4:53:51 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | Trojan.ShellcodeRunner | 7.1.1 |
| Avira AntiVirus | TR/Crypt.XPACK.Gen7 | 3.6.1.96 |
| avast! | Win32:Malware-gen | 2014.9-150501 |
| AVG | Generic22 | 2016.0.3122 |
| Baidu Antivirus | Trojan.Win32.ShellcodeRunner | 4.0.3.1551 |
| Comodo Security | UnclassifiedMalware | 21948 |
| Dr.Web | Trojan.Click2.1265 | 9.0.1.0121 |
| Emsisoft Anti-Malware | Trojan.Win32.ShellcodeRunner | 8.15.05.01.05 |
| ESET NOD32 | Win32/ShellcodeRunner | 9.11557 |
| Fortinet FortiGate | W32/ShellcodeRunner.A!tr | 5/1/2015 |
| G Data | Win32.Trojan.Agent.UXF5DK | 15.5.25 |
| IKARUS anti.virus | Trojan.Win32.Genome | t3scan.1.8.9.0 |
| K7 AntiVirus | Trojan | 13.203.15761 |
| Kaspersky | Trojan.Win32.Genome | 14.0.0.2106 |
| McAfee | Generic.ku | 5600.6778 |
| Microsoft Security Essentials | Trojan:Win32/Bumat!rts | 1.1.11602.0 |
| NANO AntiVirus | Trojan.Win32.Click2.bdqnfw | 0.30.24.1357 |
| Norman | Suspicious_Gen2.RHMJM | 11.20150501 |
| nProtect | Trojan/W32.Small.5632.EI | 15.04.30.01 |
| Panda Antivirus | Trj/CI.A | 15.05.01.05 |
| Qihoo 360 Security | Win32/Trojan.3ae | 1.0.0.1015 |
| Rising Antivirus | PE:Trojan.Win32.Generic.12C7ED88!315092360 | 23.00.65.15429 |
| Sophos | Mal/Generic-L | 4.98 |
| Vba32 AntiVirus | Trojan.Llac | 3.12.26.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 39816 |
| Zillya! Antivirus | Trojan.Genome.Win32.127512 | 2.0.0.2161 |

File size:
5.5 KB (5,632 bytes)

File PE Metadata
Compilation timestamp:
4/16/2011 3:50:25 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
96:v4M1OnuSFZIKkltZ/DB+3ZoFfrGQe9qj7Vthc:ADn7wDZ/V+3Z0fr7e9qjl

Entry address:
0x136C

Entry point:
E8, A3, 03, 00, 00, E9, 9E, FD, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 40, 31, 40, 00, 89, 0D, 3C, 31, 40, 00, 89, 15, 38, 31, 40, 00, 89, 1D, 34, 31, 40, 00, 89, 35, 30, 31, 40, 00, 89, 3D, 2C, 31, 40, 00, 66, 8C, 15, 58, 31, 40, 00, 66, 8C, 0D, 4C, 31, 40, 00, 66, 8C, 1D, 28, 31, 40, 00, 66, 8C, 05, 24, 31, 40, 00, 66, 8C, 25, 20, 31, 40, 00, 66, 8C, 2D, 1C, 31, 40, 00, 9C, 8F, 05, 50, 31, 40, 00, 8B, 45, 00, A3, 44, 31, 40, 00, 8B, 45, 04, A3, 48, 31, 40, 00, 8D, 45, 08, A3, 54, 31, 40, 00, 8B...
 

Entropy:
4.7579

Code size:
2 KB (2,048 bytes)

The file {c93b9b4c-6b05-454e-9076-095704f729c7} has been seen being distributed by the following URL.
