funds transfer details.exe

OYiITdyN

Kapa

The executable funds transfer details.exe has been detected as malware by 4 anti-virus scanners.
Publisher:
Kapa  (signed and verified)

Product:
OYiITdyN

Version:
3.1.2.6

MD5:
f6147862c1d467541ec5ef10d08ed599

SHA-1:
b6d2260c2b254815cea78bb708ce1dee8f9f88c5

SHA-256:
f6634c4c1f7355fa2eb8de8570c75a1e88cac9f95a7a73d2929dd0126da26512

Scanner detections:
4 / 68

Status:
Malware

Analysis date:
11/24/2024 8:28:53 PM UTC

Scan engine | Detection | Engine version
avast! | Win32:Broban-AR [Trj] | 160503-1
Emsisoft Anti-Malware | Gen:Variant.Barys.52025 | 11.5.0.6191
ESET NOD32 | MSIL/Kryptik.BRU trojan | 8.0.319.0
Norman | Gen:Variant.Barys.52025 | 28.05.2016 15:32:18

File size:
1.5 MB (1,568,784 bytes)

Product version:
3.1.2.6

Copyright:
Copyright OYiITdyN © 2015

Original file name:
OYiITdyN.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Digital Signature
Signed by:

Authority:
getaCert - www.getacert.com

Valid from:
4/12/2015 6:19:44 AM

Valid to:
6/11/2015 6:19:44 AM

Subject:
E=support@msdkk.com, CN=Wonderwall, OU=Deilm, O=Kapa, L=Caimen, S=Ilsend, C=US

Issuer:
O=getaCert - www.getacert.com, L=Seattle, S=Washington, C=US

Serial number:
0E8E

File PE Metadata
Compilation timestamp:
4/13/2015 1:18:09 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:9HXUKfyG1mzVlCED1XzrIB/8ezBD33sknlUa415caxkvHPYf6J:uaD2HdtmNnskCt5qfZ

Entry address:
0x1547EE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, 60, 01, 00, 80, 10, 00, 00, 00, 90, 01, 00, 80, 18, 00, 00, 00, C0, 01, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 09, 00, 02, 00, 00, 00, 88, 00, 00, 80, 03, 00, 00, 00, A0, 00, 00, 80, 04, 00, 00, 00, B8, 00, 00, 80, 05, 00, 00, 00, D0, 00, 00, 80, 06, 00, 00, 00, E8, 00, 00, 80, 07, 00, 00, 00, 00, 01...
Entropy:
7.6439

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.3 MB (1,386,496 bytes)