diujtvgfht.exe

Qt Designer

Digia Plc and/or its subsidiary(-ies)

The executable diujtvgfht.exe has been detected as malware by 23 anti-virus scanners. The file has been seen being downloaded from evaporez.com.
Publisher:
Digia Plc and/or its subsidiary(-ies)

Product:
Qt Designer

Version:
1.0.0.0

MD5:
c68eb71a17e62a9436db7ffbc0acd437

SHA-1:
def86fb0020b3575d7f211ed6c0a03d3f46e4985

SHA-256:
d72fea7f4163b8e8f586318cbd6fd9e066ad4c1d3f41b9c6d6162ba88572ff1d

Scanner detections:
23 / 68

Status:
Malware

Analysis date:
12/25/2024 1:06:44 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
DR/Delphi.A.9444
8.3.2.2

Arcabit
Trojan.Zusy.D29259
1.0.0.590

avast!
Win32:Malware-gen
2014.9-151211

AVG
Inject3
2016.0.2898

Baidu Antivirus
Trojan.Win32.Dropper
4.0.3.151211

Bitdefender
Gen:Variant.Zusy.168537
1.0.20.1725

Dr.Web
Win32.HLLW.Phorpiex.54
9.0.1.0345

Emsisoft Anti-Malware
Gen:Variant.Zusy.168537
8.15.12.11.03

ESET NOD32
Win32/Injector.CLUQ (variant)
9.12531

Fortinet FortiGate
W32/Injector.NPQY!tr
12/11/2015

G Data
Gen:Variant.Zusy.168537
15.12.25

IKARUS anti.virus
Trojan.Win32.Injector
t3scan.1.9.5.0

K7 AntiVirus
Trojan
13.212.17782

Kaspersky
Trojan-Dropper.Win32.Injector
14.0.0.987

McAfee
GenericR-EYH!C68EB71A17E6
5600.6554

MicroWorld eScan
Gen:Variant.Zusy.168537
16.0.0.1035

NANO AntiVirus
Trojan.Win32.Injector.dylvmi
0.30.26.4437

Panda Antivirus
Generic Suspicious
15.12.11.03

Qihoo 360 Security
Win32/Trojan.Dropper.b98
1.0.0.1077

Quick Heal
TrojanDropper.Injector.r8
12.15.14.00

Rising Antivirus
PE:Malware.Generic/QRS!1.9E2D [F]
23.00.65.151209

Sophos
Mal/Generic-S
4.98

VIPRE Antivirus
Trojan.Win32.Generic
45068

File size:
790.5 KB (809,472 bytes)

Product version:
1.0.0.0

Copyright:
Copyright (C) 2015 The Qt Company Ltd.

Original file name:
designer.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\diujtvgfht.exe

File PE Metadata
Compilation timestamp:
10/30/2014 10:30:25 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:9Zj/d3/4wJtAWfVRCGpY5G3BOnxTWg4AF:HWwbPIvJWQF

Entry address:
0x99148

Entry point:
55, 8B, EC, 83, C4, F0, B8, E8, 8E, 49, 00, E8, A0, D8, F6, FF, A1, B8, 1C, 4A, 00, 8B, 00, E8, C4, 19, FC, FF, 8B, 0D, 24, 1E, 4A, 00, A1, B8, 1C, 4A, 00, 8B, 00, 8B, 15, 08, 87, 49, 00, E8, C4, 19, FC, FF, A1, B8, 1C, 4A, 00, 8B, 00, E8, 38, 1A, FC, FF, E8, 07, B2, F6, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.6759

Developed / compiled with:
Microsoft Visual C++

Code size:
608.5 KB (623,104 bytes)

The file diujtvgfht.exe has been seen being distributed by the following URL.

Remove diujtvgfht.exe - Powered by Reason Core Security