home

cw hack v3.exe

IKO-PROF

The application cw hack v3.exe by IKO-PROF has been detected as a potentially unwanted program by 3 anti-malware scanners.
Publisher:
IKO-PROF  (signed and verified)

MD5:
1702ceb5b147e4e9847f4594857f4b86

SHA-1:
775e408f208a0b1e8a87e29c40101a8539751556

SHA-256:
bb21c9888b50ab836c68e06e784f2f05843bb063dbd3a0d462133424f207f89d

Scanner detections:
3 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 2:59:00 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Kryptik.EJVJ trojan
6.3.12010.0

Kaspersky
not-a-virus:Downloader.Win32.LMN
15.0.2.529

Reason Heuristics
PUP.Somoto (M)
17.2.23.17

File size:
577 KB (590,848 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\temp\rar$exa0.319\cw hack v3.exe

Digital Signature
Signed by:
IKO-PROF

Authority:
COMODO CA Limited

Valid from:
8/26/2015 3:00:00 AM

Valid to:
8/26/2016 2:59:59 AM

Subject:
CN="""IKO-PROF"", OOO", O="""IKO-PROF"", OOO", STREET="2-y Luch, 16 Ofis, 45", L=Saint-Petersburg, S=Saint-Petersburg, PostalCode=192019, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00BC2915F4441B9D8AC34D01058C89EAE7

File PE Metadata
Compilation timestamp:
1/2/2016 10:15:34 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x14EB

Entry point:
55, 8B, EC, 6A, FF, 68, 68, 22, 41, 00, 68, 08, 22, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 84, 50, 40, 00, 33, D2, 8A, D4, 89, 15, 60, 35, 44, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 5C, 35, 44, 00, C1, E1, 08, 03, CA, 89, 0D, 58, 35, 44, 00, C1, E8, 10, A3, 54, 35, 44, 00, 33, F6, 56, E8, 89, 0B, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, C9, 09, 00, 00, FF, 15, 80, 50, 40, 00, A3, 78, 4A, 44, 00, E8...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
16 KB (16,384 bytes)

Remove cw hack v3.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.