diskete.exe

The executable diskete.exe has been detected as malware by 34 anti-virus scanners. According to AVG, this software downloads additional adware offers during setup. While running, it connects to the Internet address double5.holm.ru on port 80 using the HTTP protocol.
MD5: 68b56ae9f3ffad6caf69a3859784f6f0
SHA-1: a25862ba75fc15f398a0dcbfacb6bc274a19ef33
SHA-256: bfdcf90c50ef629b83fb2f8f4af11818d76f84008806e4fb0a0fa2089b115394

Scanner detections: 34 / 68
Status: Malware
Analysis date: 12/27/2024 12:30:47 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Graftor.Elzob.8569 | 175
Agnitum Outpost | Trojan.DL.Delf | 7.1.1
AhnLab V3 Security | Trojan/Win32.Scar | 2014.03.09
Avira AntiVirus | TR/ATRAPS.Gen | 7.11.135.186
avast! | Win32:Banload-HRX [Trj] | 2014.9-160812
AVG | Downloader.Generic12 | 2017.0.2653
Baidu Antivirus | Trojan.Win32.Delf | 4.0.3.16812
Bitdefender | Gen:Variant.Graftor.Elzob.8569 | 1.0.20.1125
Bkav FE | W32.OnGamesFELLGAAA.Trojan | 1.3.0.4959
Clam AntiVirus | Win.Trojan.Delf-818 | 0.98/18355
Comodo Security | UnclassifiedMalware | 17904
Dr.Web | BackDoor.DirtJump.5 | 9.0.1.0225
Emsisoft Anti-Malware | Gen:Variant.Graftor.Elzob.8569 | 8.16.08.12.09
ESET NOD32 | Win32/TrojanDownloader.Delf.PNE | 10.9518
Fortinet FortiGate | W32/DelpDldr.F | 8/12/2016
F-Prot | W32/SelfStarterInternetTrojan!M | v6.4.7.1.166
F-Secure | Gen:Variant.Graftor.Elzob.8569 | 11.2016-12-08_6
G Data | Gen:Variant.Graftor.Elzob.8569 | 16.8.24
IKARUS anti.virus | Trojan-Downloader.Win32.Delf | t3scan.2.2.29
Kaspersky | HEUR:Trojan-Downloader.Win32.Generic | 14.0.0.-239
Malwarebytes | Trojan.Banker | v2016.08.12.09
McAfee | Generic Downloader.kl | 5600.6309
Microsoft Security Essentials | Trojan:Win32/Sisron | 1.10302
MicroWorld eScan | Gen:Variant.Graftor.Elzob.8569 | 17.0.0.675
NANO AntiVirus | Trojan.Win32.ATRAPS.huybb | 0.28.0.58101
Norman | Delf.GOWR | 11.20160812
Panda Antivirus | Generic Trojan | 16.08.12.09
Qihoo 360 Security | Win32/Trojan.8dd | 1.0.0.1015
Quick Heal | Trojan.Sisron | 8.16.12.00
Rising Antivirus | PE:Trojan.Win32.Generic.12B0E5CD!313583053 | 23.00.65.16810
Sophos | Mal/DelpDldr-F | 4.98
Trend Micro | TROJ_SPNR.0CAM12 | 10.465.12
Vba32 AntiVirus | BScope.Trojan.Downloader | 3.12.24.3
VIPRE Antivirus | Trojan.Win32.Generic | 27212

File size: 150 KB (153,600 bytes)
File type: Executable application (Win32 EXE)
Common path: C:\windows\diskete.exe

File PE Metadata

Compilation timestamp: 6/19/1992 7:22:17 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 2.25
CTPH (ssdeep): 3072:D8dTMkyxe1BCee3PfHaawa4gzZBTciYzvUY1h7rHL98QI:QdQMITpCAurHL
Entry address: 0x20DEC
Entry point: 55, 8B, EC, B9, 06, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, B8, FC, 0C, 42, 00, E8, 9B, 4B, FE, FF, 33, C0, 55, 68, 3C, 0F, 42, 00, 64, FF, 30, 64, 89, 20, 68, E8, 03, 00, 00, E8, 23, A7, FE, FF, B8, 50, 0F, 42, 00, E8, 39, F5, FF, FF, 84, C0, 0F, 84, E3, 00, 00, 00, E8, 0C, F8, FF, FF, 8D, 45, EC, E8, 98, F7, FF, FF, 8D, 45, EC, BA, 6C, 0F, 42, 00, E8, 9F, 31, FE, FF, 8B, 45, EC, E8, E3, 64, FE, FF, 84, C0, 0F, 85, A9, 00, 00, 00, 8D, 45, E8, E8, 73, F7, FF, FF, 8D, 45, E8, BA, 84, 0F, 42, 00, E8, 7A, 31...
Developed / compiled with: Microsoft Visual C++
Code size: 128.5 KB (131,584 bytes)

While executing, the file has been observed making the following network communication in live environments.

TCP (HTTP): Connects to double5.holm.ru (89.108.91.180:80)
