filmi-izle.exe

Video Player Plugin

Dizi Company LTDSTI

The executable filmi-izle.exe has been detected as malware by 26 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.bufiyataolmaz.com.
Publisher:
Dizi Company LTDSTI

Product:
Video Player Plugin

Description:
Video Player

Version:
1.0.0.0

MD5:
7e48dcbcdb743959d9b3f1d54e0fd52e

SHA-1:
104ce70bfdb4f7a78155d972259e15c52fa01450

SHA-256:
ee5aa5cc11ec6d742be63c2de62a1767105b2c5a745016084c96174ba5dd93ed

Scanner detections:
26 / 68

Status:
Malware

Analysis date:
11/26/2024 11:42:44 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.9531917
930

Agnitum Outpost
Trojan.CL.Reksed
7.1.1

Avira AntiVirus
TR/Agent.395776.82
7.11.156.126

avast!
Win32:Malware-gen
2014.9-140719

AVG
MSIL
2015.0.3408

Baidu Antivirus
Trojan.MSIL.Agent
4.0.3.14719

Bitdefender
Trojan.Generic.9531917
1.0.20.1000

Comodo Security
UnclassifiedMalware
18646

Emsisoft Anti-Malware
Trojan.Generic.9531917
8.14.07.19.01

ESET NOD32
MSIL/Agent.OFQ (variant)
8.9989

F-Secure
Trojan.Generic.9531917
11.2014-19-07_7

G Data
Trojan.Generic.9531917
14.7.24

IKARUS anti.virus
Trojan.Msil
t3scan.1.6.1.0

K7 AntiVirus
Riskware
13.180.12498

McAfee
Artemis!7E48DCBCDB74
5600.7064

Microsoft Security Essentials
TrojanClicker:MSIL/Reksed.A
1.10701

MicroWorld eScan
Trojan.Generic.9531917
15.0.0.600

NANO AntiVirus
Trojan.Win32.Agent.czsaag
0.28.0.60475

Norman
Suspicious_Gen4.ESCUP
11.20140719

nProtect
Trojan.Generic.9531917
14.06.23.01

Panda Antivirus
Generic Malware
14.07.19.01

Qihoo 360 Security
Win32/Trojan.05f
1.0.0.1015

Sophos
Mal/Generic-S
4.98

Trend Micro House Call
TROJ_GEN.R00GC0DK313
7.2.200

Trend Micro
TROJ_GEN.R00GC0DK313
10.465.19

VIPRE Antivirus
Trojan.Win32.Generic
30588

File size:
386.5 KB (395,776 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2012

Trademarks:
VideoPlayer LTD

Original file name:
VideoPlayer.exe

File type:
Executable application (Win32 EXE)

Language:
Turkish (Turkey)

Common path:
C:\users\{user}\downloads\filmi-izle.exe

File PE Metadata
Compilation timestamp:
1/26/2013 3:38:55 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:ILAX1I709jJrKljlewNs0EqFja0lD9QiaLcFm0IL13ZlBhy73hjozJXgEHw41BrG:yAxKljlV9QpbjHlngKhlc

Entry address:
0x498BE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
286.5 KB (293,376 bytes)

The file filmi-izle.exe has been seen being distributed by the following URL.

Remove filmi-izle.exe - Powered by Reason Core Security