home

Exe To Vbs By Mouradv1.exe

Black Lotus Hexo

Dz

Publisher:
Dz

Product:
Black Lotus Hexo

Version:
1.00

MD5:
0a4440e384473a151acc7d1f48caecc2

SHA-1:
ef26c2a9bcd5b8f0925e437440222b0788b42fd6

SHA-256:
c467f761e0495a6748207930be77156b7a9412dbf02d8cb20e3361ce4a6be923

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/24/2024 4:44:45 PM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V1215
7.2.190

VIPRE Antivirus
Trojan.Win32.Generic.pak!cobra
24818

File size:
236 KB (241,664 bytes)

Product version:
1.00

Original file name:
Exe To Vbs By Mouradv1.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\exe to vbs by mouradv1.exe

File PE Metadata
Compilation timestamp:
12/15/2013 10:30:39 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:KEnYkzHGPHUwC3zAhwMCEsS4PisXZsr9VvYLS:KEnYgHGAS

Entry address:
0x16C4

Entry point:
68, 08, 86, 42, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 0A, 70, CD, EF, 96, C8, 5F, 4A, 91, 4B, 04, DC, E7, 63, C9, 30, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 48, 65, 78, 43, 6F, 6E, 76, 65, 72, 74, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 18, CB, 28, AE, 0B, B1, 89, 8A, 43, B4, 7B, 1B, 98, F0, E6, D5, 21, E0, 9F, 39, 96, F1, 07, 75, 4A, A7, 3D, 02, D6, 60, 2E, 60, B9, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
5.5265

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
188 KB (192,512 bytes)

The file Exe To Vbs By Mouradv1.exe has been seen being distributed by the following URL.

http://dc132.gulfup.com/TqKA1.exe

Scan Exe To Vbs By Mouradv1.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.