cxlhwncmuuhuure.exe

The executable cxlhwncmuuhuure.exe has been detected as malware by 18 anti-virus scanners. The file has been seen being downloaded from s1.sfcdn.in.
Version: 0.0.0.0
MD5: 01bf5eea1e4d5e7510fe39c89756b143
SHA-1: b322bfa1ea38c155aa31749114dcea65a412b55c
SHA-256: b5460e3ef0f979ed28334c9a240497b03f3c11839e660299e53958341eb4d827
Scanner detections: 18 / 68
Status: Malware
Analysis date: 11/23/2024 8:12:44 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | BDS/MSIL.Bladabindi.4089 | 7.11.117.176 |
| avast! | Win32:Malware-gen | 2014.9-160628 |
| AVG | Generic35 | 2017.0.2699 |
| Baidu Antivirus | Trojan.MSIL.Zapchast | 4.0.3.16628 |
| Dr.Web | Trojan.DownLoader10.46555 | 9.0.1.0180 |
| Fortinet FortiGate | W32/Zapchast.BAUU!tr | 6/28/2016 |
| IKARUS anti.virus | Backdoor.MSIL | t3scan.2.2.29 |
| K7 AntiVirus | Riskware | 13.174.10396 |
| Kaspersky | Trojan.MSIL.Zapchast | 14.0.0.-11 |
| McAfee | RDN/Generic BackDoor!va | 5600.6355 |
| Microsoft Security Essentials | Backdoor:MSIL/Bladabindi | 1.163.1557.0 |
| Norman | Troj_Generic.RDPJX | 11.20160628 |
| Panda Antivirus | Trj/CI.A | 16.06.28.07 |
| Quick Heal | Backdoor.Bladabindi | 6.16.12.00 |
| Sophos | Mal/Generic-S | 4.95 |
| Trend Micro House Call | TROJ_GEN.R0CCC0DKI13 | 7.2.180 |
| Trend Micro | TROJ_GEN.R0CCC0DKI13 | 10.465.28 |
| VIPRE Antivirus | Trojan.Win32.Generic | 23996 |

File size: 72 KB (73,728 bytes)
Product version: 0.0.0.0
Original file name: avast!.exe
File type: Executable application (Win32 EXE)
Common path: C:\windows\temp\cxlhwncmuuhuure.exe

File PE Metadata
Compilation timestamp: 10/28/2013 5:29:06 AM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 8.0
.NET CLR dependent: Yes
CTPH (ssdeep): 768:BkmDlpVCpHmzjNRMJbadrrSiU7h2nVNcL3y3HAvgxERa011Tgugn5mtYUJl+AJ:BjxIHaL7zUAvc23Hcva0ngugn5+YaB
Entry address: 0x10812

Entry point:
FF, 25, 00, 20, 40, 00, 2E, 44, 70, 67, 4D, 49, 73, BF, 54, 5D, DF, 09, 54, 1A, C6, 2E, 01, 01, 01, 01, 01, 01, 01, 01, 01, 01, 01, 01, 01, 01, 01, 01, 02, 02, 02, 02, 02, 02, 02, 02, 02, 02, 02, 02, 02, 02, 02, 02, 03, 00, 00, 00, 04, 00, 00, 00, 05, 00, 00, 00, 06, 00, 00, 00, 07, 00, 00, 00, 08, 00, 00, 00, 09, 00, 00, 00, 0A, 00, 00, 00, 0B, 00, 00, 00, 0D, 00, 00, 00, 0F, 00, 00, 00, 11, 00, 00, 00, 13, 00, 00, 00, 17, 00, 00, 00, 1B, 00, 00, 00, 1F, 00, 00, 00, 23, 00, 00, 00, 2B, 00, 00, 00, 33, 00...
 

Entropy: 6.8490
Developed / compiled with: Microsoft Visual C# / Basic .NET
Code size: 60 KB (61,440 bytes)

The file cxlhwncmuuhuure.exe has been seen being distributed by the following URL.
