flaretalk client.exe

Gisus

The executable flaretalk client.exe has been detected as malware by 22 anti-virus scanners. It is a setup program used to install the application. The file has been observed being downloaded from www.cubbyusercontent.com.

Publisher:
Gisus

Product:
Gisus

Version:
6.49.485.0

MD5:
da6b8c2d27001fe4c5e28a76f246c863

SHA-1:
ce8c5a60b55502f7b61e7a9865960589a2076b04

SHA-256:
a8d15c1a3d710873ed1c9fe13a746d9440b82805c41af3480372ba9a216c6b35

Scanner detections:
22 / 68

Status:
Malware

Analysis date:
12/28/2024 5:05:08 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.Generic.15329371 | 211 |
| Avira AntiVirus | TR/Dropper.MSIL.232041 | 8.3.2.4 |
| Arcabit | Trojan.Generic.DE9E85B | 1.0.0.629 |
| avast! | Win32:Trojan-gen | 2014.9-160708 |
| Bitdefender | Trojan.Generic.15329371 | 1.0.20.950 |
| Dr.Web | Trojan.MulDrop6.15956 | 9.0.1.0190 |
| Emsisoft Anti-Malware | Trojan.Generic.15329371 | 8.16.07.08.03 |
| ESET NOD32 | MSIL/Injector.MZE (variant) | 10.12710 |
| Fortinet FortiGate | W32/NanoBot.HIF!tr.bdr | 7/8/2016 |
| F-Secure | Trojan.Generic.15329371 | 11.2016-08-07_6 |
| G Data | Trojan.Generic.15329371 | 16.7.25 |
| Kaspersky | Backdoor.MSIL.NanoBot | 14.0.0.-61 |
| Malwarebytes | Backdoor.NanoCore | v2016.07.08.03 |
| McAfee | Artemis!DA6B8C2D2700 | 5600.6345 |
| Microsoft Security Essentials | Trojan:Win32/Skeeyah.A!rfn | 1.1.12300.0 |
| MicroWorld eScan | Trojan.Generic.15329371 | 17.0.0.570 |
| nProtect | Trojan.Generic.15329371 | 15.12.11.01 |
| Panda Antivirus | Generic Suspicious | 16.07.08.03 |
| Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1077 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro | TROJ_GEN.R047C0DL415 | 10.465.08 |
| VIPRE Antivirus | Trojan.Win32.Generic | 45776 |

File size:
1.8 MB (1,894,912 bytes)

Product version:
6.49.485.0

Copyright:
Copyright © 2015

Trademarks:
Gisus

Original file name:
Gisus.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\flaretalk client.exe

File PE Metadata
Compilation timestamp:
12/1/2015 3:12:24 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:wF43KkrzlOxtvmm1TH+tmTWjXgeLQTPWlocYIitmqoEhWmq/hWaL43KkrzvLPBNa:wFCy9mqWBCPleqoOiCd79Y

Entry address:
0x1CB99E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, 58, 00...
Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.8 MB (1,874,432 bytes)

The file flaretalk client.exe has been seen being distributed by the following URL.