diujtvgfht.exe

The executable diujtvgfht.exe has been detected as malware by 23 anti-virus scanners. The file has been seen being downloaded from evaporez.com.
Publisher:
Digia Plc and/or its subsidiary(-ies)

Product:
Qt Designer

Version:
1.0.0.0

MD5:
c68eb71a17e62a9436db7ffbc0acd437

SHA-1:
def86fb0020b3575d7f211ed6c0a03d3f46e4985

SHA-256:
d72fea7f4163b8e8f586318cbd6fd9e066ad4c1d3f41b9c6d6162ba88572ff1d

Scanner detections:
23 / 68

Status:
Malware

Analysis date:
11/5/2024 1:40:24 PM UTC

Scan engine | Detection | Engine version
Avira AntiVirus | DR/Delphi.A.9444 | 8.3.2.2
Arcabit | Trojan.Zusy.D29259 | 1.0.0.590
avast! | Win32:Malware-gen | 2014.9-151211
AVG | Inject3 | 2016.0.2898
Baidu Antivirus | Trojan.Win32.Dropper | 4.0.3.151211
Bitdefender | Gen:Variant.Zusy.168537 | 1.0.20.1725
Dr.Web | Win32.HLLW.Phorpiex.54 | 9.0.1.0345
Emsisoft Anti-Malware | Gen:Variant.Zusy.168537 | 8.15.12.11.03
ESET NOD32 | Win32/Injector.CLUQ (variant) | 9.12531
Fortinet FortiGate | W32/Injector.NPQY!tr | 12/11/2015
G Data | Gen:Variant.Zusy.168537 | 15.12.25
IKARUS anti.virus | Trojan.Win32.Injector | t3scan.1.9.5.0
K7 AntiVirus | Trojan | 13.212.17782
Kaspersky | Trojan-Dropper.Win32.Injector | 14.0.0.987
McAfee | GenericR-EYH!C68EB71A17E6 | 5600.6554
MicroWorld eScan | Gen:Variant.Zusy.168537 | 16.0.0.1035
NANO AntiVirus | Trojan.Win32.Injector.dylvmi | 0.30.26.4437
Panda Antivirus | Generic Suspicious | 15.12.11.03
Qihoo 360 Security | Win32/Trojan.Dropper.b98 | 1.0.0.1077
Quick Heal | TrojanDropper.Injector.r8 | 12.15.14.00
Rising Antivirus | PE:Malware.Generic/QRS!1.9E2D [F] | 23.00.65.151209
Sophos | Mal/Generic-S | 4.98
VIPRE Antivirus | Trojan.Win32.Generic | 45068

File size:
790.5 KB (809,472 bytes)

Product version:
1.0.0.0

Copyright:
Copyright (C) 2015 The Qt Company Ltd.

Original file name:
designer.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\diujtvgfht.exe

File PE Metadata
Compilation timestamp:
10/30/2014 10:30:25 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:9Zj/d3/4wJtAWfVRCGpY5G3BOnxTWg4AF:HWwbPIvJWQF

Entry address:
0x99148

Entropy:
6.6759

Developed / compiled with:
Microsoft Visual C++

Code size:
608.5 KB (623,104 bytes)

The file diujtvgfht.exe has been seen being distributed by the following URL.
