código de rastreio 14-12-2015.exe

Serp

The executable código de rastreio 14-12-2015.exe has been detected as malware by 32 anti-virus scanners. This is a setup program which is used to install the application. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from bit.ly and multiple other hosts.
Product:
Serp

Version:
1.0.0.0

MD5:
e4249c1b30733371a1e9cac36f1476da

SHA-1:
0ef2b13ae68c8123b02e355a06cdaee7bc8938f1

SHA-256:
a8f0bcad52f390ff42b2d459ecfadc9b874078e0c55be16a3f7bd9bf91822251

Scanner detections:
32 / 68

Status:
Malware

Analysis date:
1/2/2025 8:48:53 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.2928194 | 375 |
| Agnitum Outpost | Trojan.DL.Banload | 7.1.1 |
| Avira AntiVirus | TR/Downloader.A.32809 | 8.3.2.4 |
| Arcabit | Trojan.Generic.D2CAE42 | 1.0.0.646 |
| avast! | Win32:Malware-gen | 2014.9-160126 |
| AVG | Downloader.MSIL | 2017.0.2853 |
| Baidu Antivirus | Trojan.MSIL.Banload | 4.0.3.16126 |
| Bitdefender | Trojan.GenericKD.2928194 | 1.0.20.130 |
| Comodo Security | UnclassifiedMalware | 23992 |
| Dr.Web | Trojan.DownLoader18.13182 | 9.0.1.026 |
| Emsisoft Anti-Malware | Trojan.GenericKD.2928194 | 8.16.01.26.09 |
| ESET NOD32 | MSIL/TrojanDownloader.Banload.FQ (variant) | 10.12897 |
| Fortinet FortiGate | MSIL/Banload.FQ!tr.dldr | 1/26/2016 |
| F-Secure | Trojan.GenericKD.2928194 | 11.2016-26-01_3 |
| G Data | Trojan.GenericKD.2928194 | 16.1.25 |
| IKARUS anti.virus | Trojan-Downloader.MSIL.Banload | t3scan.1.9.5.0 |
| K7 AntiVirus | Trojan-Downloader | 13.212.18480 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.758 |
| Malwarebytes | Trojan.Banload.BDB | v2016.01.26.09 |
| McAfee | RDN/Generic Downloader.x | 5600.6509 |
| Microsoft Security Essentials | TrojanDownloader:MSIL/Banload.AO | 1.1.12400.0 |
| MicroWorld eScan | Trojan.GenericKD.2928194 | 17.0.0.78 |
| NANO AntiVirus | Trojan.Win32.DownLoader18.dzjjuf | 1.0.14.5380 |
| nProtect | Trojan.GenericKD.2928194 | 16.01.20.01 |
| Panda Antivirus | Trj/CI.A | 16.01.26.09 |
| Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1077 |
| Quick Heal | TrojanDownloader.Banload.r3 | 1.16.14.00 |
| Rising Antivirus | PE:Malware.Generic/QRS!1.9E2D [F] | 23.00.65.16124 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro | TROJ_GEN.R00XC0CLI15 | 10.465.26 |
| VIPRE Antivirus | Trojan.Win32.Generic | 46634 |
| ViRobot | Trojan.Win32.Z.Banload.24064[h] | 2014.3.20.0 |

File size:
23.5 KB (24,064 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2015

Original file name:
StaCKpxOQKX.exe

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\código de rastreio 14-12-2015.exe

File PE Metadata
Compilation timestamp:
12/15/2015 8:38:10 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
80.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:httgsUdahyA/c5wPRcOoaXj3SRVOXqTodThQfSXPzbsLqPewQJkQHuQkxQ8baRY9:hYsMA/c5wiVajSRrTMWfSrbAduU8baR6

Entry address:
0x739A

Code size:
21 KB (21,504 bytes)

The file código de rastreio 14-12-2015.exe has been seen being distributed by the following 2 URLs.
