gerador de pokemons shiny.exe

Gerador de Pokes Shiny (Portuguese: "Shiny Pokémon Generator")

The executable gerador de pokemons shiny.exe is flagged as malware by 25 of 68 anti-virus scanners. The report classifies it as a setup program used to install the application. The named detections (ESET MSIL/PSW.Agent.ONZ, Microsoft TrojanSpy:MSIL/Aconstel.A, AVG PSW.MSIL, Fortinet MSIL/Agent.NRZ!tr.pws) describe a .NET password-stealing trojan, which agrees with the PE metadata below (.NET CLR dependent, built with Visual C# / VB.NET). Treat the detection count with care: seven products report the identical Bitdefender-engine signature Trojan.GenericKD.3158520 (Arcabit's Trojan.Generic.D3031F8 is the same ID in hexadecimal), McAfee's Artemis!EEDB8B039CB7 is simply the first twelve hex digits of the file's MD5, and several other rows are generic or heuristic names, so 25 detections amount to far fewer independent verdicts. The file has been seen being downloaded from fs13n1.sendspace.com and other sendspace.com storage nodes.
Product:
Gerador de Pokes Shiny

Version:
1.0.0.0

MD5:
eedb8b039cb7313129b8bf83f733470a

SHA-1:
b12f7a1bede170a18bce64e234529311a14f03dd

SHA-256:
f30a77e46f5c500ebb9d6a07f90e1c8d76e7d082be3b95024e6a758dccdfda75

Scanner detections:
25 / 68

Status:
Malware

Analysis date:
12/26/2024 12:31:18 PM UTC

Scan engine                     Detection                           Engine version
Lavasoft Ad-Aware               Trojan.GenericKD.3158520            280
Avira AntiVirus                 TR/Spy.Aconstel.jhsf                8.3.3.4
Arcabit                         Trojan.Generic.D3031F8              1.0.0.672
avast!                          Win32:Malware-gen                   2014.9-160430
AVG                             PSW.MSIL                            2017.0.2758
Baidu Antivirus                 MSIL.Trojan.Agent                   4.0.3.16430
Bitdefender                     Trojan.GenericKD.3158520            1.0.20.605
Bkav FE                         W32.Clode58.Trojan                  1.3.0.7744
Emsisoft Anti-Malware           Trojan.GenericKD.3158520            8.16.04.30.02
ESET NOD32                      MSIL/PSW.Agent.ONZ (variant)        10.13375
Fortinet FortiGate              MSIL/Agent.NRZ!tr.pws               4/30/2016
F-Secure                        Trojan.GenericKD.3158520            11.2016-30-04_7
G Data                          Trojan.GenericKD.3158520            16.4.25
IKARUS anti.virus               Trojan.Spy                          t3scan.2.0.9.0
McAfee                          Artemis!EEDB8B039CB7                5600.6414
Microsoft Security Essentials   TrojanSpy:MSIL/Aconstel.A           1.1.12603.0
MicroWorld eScan                Trojan.GenericKD.3158520            17.0.0.363
NANO AntiVirus                  Trojan.Win32.Aconstel.ebpjcj        1.0.30.8000
nProtect                        Trojan.GenericKD.3158520            16.04.22.01
Panda Antivirus                 Trj/Sharik.B                        16.04.30.02
Qihoo 360 Security              HEUR/QVM03.0.Malware.Gen            1.0.0.1120
Rising Antivirus                PE:Malware.Generic/QRS!1.9E2D [F]   23.00.65.16428
Sophos                          Mal/Generic-S                       4.98
Trend Micro                     TROJ_GEN.R00JC0DDH16                10.465.30
VIPRE Antivirus                 Trojan.Win32.Generic                48822

File size:
135 KB (138,240 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2016

Original file name:
Gerador de Pokes Shiny.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\gerador de pokemons shiny.exe

File PE Metadata
Compilation timestamp:
4/8/2016 8:21:16 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:PcwVqG/N/Zb3v8aFZ5C57+ufZ4Cmqjq0pJBydv/iHBocPZRH+m839:PV/Nx3jZ5++uh4dq7Tydv/

Entry address:
0x2264E

Entry point:
FF 25 00 20 40 00, followed by zero bytes for the remainder of the 128-byte dump. FF 25 imm32 is jmp dword ptr [0x402000]: the native entry stub of a 32-bit .NET executable, which jumps through the import table to mscoree!_CorExeMain, consistent with the ".NET CLR dependent: Yes" field below.

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
130 KB (133,120 bytes)
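The hashes and PE metadata above are what a responder checks a suspect download against. The script below is an added example (not the page's or Reason Core Security's code): it hashes a file, walks the PE32 headers to re-derive the listed fields (compilation timestamp, linker version, OS version, subsystem, CLR dependency, entry-point bytes) and reports which indicators match. The real sample is not included, so it builds a constructed 1 KB PE whose headers mirror the report; the timestamp is assumed to be UTC, and the report's FF 25 00 20 40 00 entry bytes are decoded as the .NET stub jmp dword ptr [0x402000], which the script treats as a structural indicator of a managed build, not proof of identity.

```python
# Added triage helper (not the page's code): re-derive the report's hash and PE fields from bytes.
import hashlib
import struct
from datetime import datetime, timezone

# Indicators copied from the report. FF 25 = 'jmp dword ptr [imm32]', the native entry
# stub of every 32-bit .NET executable (jump to mscoree!_CorExeMain through the IAT).
REPORT = {
    "md5": "eedb8b039cb7313129b8bf83f733470a",
    "sha1": "b12f7a1bede170a18bce64e234529311a14f03dd",
    "sha256": "f30a77e46f5c500ebb9d6a07f90e1c8d76e7d082be3b95024e6a758dccdfda75",
    "size": 138240, "linker": (8, 0), "subsystem": 2, "clr": True,  # 2 = WINDOWS_GUI
}

def hashes(data):
    h = {n: hashlib.new(n, data).hexdigest() for n in ("md5", "sha1", "sha256")}
    h["size"] = len(data)
    return h

def parse_pe(data):
    """Minimal PE32 header walk covering just the fields the report lists."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = pe + 4
    _machine, nsec, tstamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic, lmaj, lmin = struct.unpack_from("<HBB", data, opt)
    if magic != 0x10B:
        raise ValueError("only PE32 (Win32) handled here")
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]
    image_base = struct.unpack_from("<I", data, opt + 28)[0]
    os_major, os_minor = struct.unpack_from("<HH", data, opt + 40)
    subsystem = struct.unpack_from("<H", data, opt + 68)[0]
    ndirs = struct.unpack_from("<I", data, opt + 92)[0]
    clr_rva = clr_size = 0
    if ndirs > 14:  # data directory 14 = CLR runtime header; non-zero means managed code
        clr_rva, clr_size = struct.unpack_from("<II", data, opt + 96 + 14 * 8)
    # per section: (VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData)
    sections = [struct.unpack_from("<8sIIII", data, opt + opt_size + i * 40)[1:] for i in range(nsec)]

    def rva_to_offset(rva):
        for vsize, va, raw_size, raw_ptr in sections:
            if va <= rva < va + max(vsize, raw_size):
                return raw_ptr + (rva - va)
        raise ValueError("entry RVA not inside any section")

    stub = data[rva_to_offset(entry_rva):][:6]
    jmp_target = struct.unpack_from("<I", stub, 2)[0] if stub[:2] == b"\xff\x25" else None
    return {
        "timestamp": datetime.fromtimestamp(tstamp, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "linker": (lmaj, lmin), "os_version": (os_major, os_minor), "subsystem": subsystem,
        "entry_rva": entry_rva, "entry_bytes": stub.hex(" ").upper(),
        "image_base": image_base, "jmp_target": jmp_target,
        "clr": clr_rva != 0 and clr_size != 0,
    }

def triage(data, report=REPORT):
    """Which indicators match. Only the hash proves it is the same file; the structural
    fields say 'same kind of build' and survive a recompile, so treat them as weak."""
    fp, pe = hashes(data), parse_pe(data)
    return {
        "same_file": fp["sha256"] == report["sha256"],
        "same_size": fp["size"] == report["size"],
        "linker": pe["linker"] == report["linker"],
        "gui_subsystem": pe["subsystem"] == report["subsystem"],
        "dotnet": pe["clr"] == report["clr"],
        # .NET native stub: a jmp through an IAT slot that lies inside the image
        "dotnet_stub": pe["jmp_target"] is not None and pe["jmp_target"] >= pe["image_base"],
    }

def build_synthetic_pe():
    """CONSTRUCTED stand-in, not the real sample: a 1 KB PE32 whose headers mirror the
    report (timestamp 2016-04-08 20:21:16, assumed UTC; linker 8.0; GUI; CLR directory set)."""
    ts = int(datetime(2016, 4, 8, 20, 21, 16, tzinfo=timezone.utc).timestamp())
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                   # e_lfanew
    coff = struct.pack("<4sHHIIIHH", b"PE\0\0", 0x14C, 1, ts, 0, 0, 0xE0, 0x0102)
    opt = bytearray(0xE0)
    struct.pack_into("<HBB", opt, 0, 0x10B, 8, 0)             # PE32 magic, linker 8.0
    struct.pack_into("<I", opt, 16, 0x2006)                   # AddressOfEntryPoint
    struct.pack_into("<I", opt, 28, 0x400000)                 # ImageBase
    struct.pack_into("<II", opt, 32, 0x1000, 0x200)           # section / file alignment
    struct.pack_into("<HH", opt, 40, 4, 0)                    # OS version 4.0
    struct.pack_into("<II", opt, 56, 0x3000, 0x200)           # SizeOfImage, SizeOfHeaders
    struct.pack_into("<H", opt, 68, 2)                        # Subsystem: Windows GUI
    struct.pack_into("<I", opt, 92, 16)                       # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 14 * 8, 0x2008, 0x48)   # CLR runtime header directory
    sec = struct.pack("<8sIIIIIIHHI", b".text", 0x200, 0x2000, 0x200, 0x200, 0, 0, 0, 0, 0x60000020)
    headers = (bytes(dos) + coff + bytes(opt) + sec).ljust(0x200, b"\0")
    text = bytearray(0x200)                                   # RVA 0x2000: IAT slot at +0
    text[6:12] = b"\xff\x25\x00\x20\x40\x00"                  # RVA 0x2006: jmp [0x402000]
    return headers + bytes(text)

if __name__ == "__main__":
    sample = build_synthetic_pe()
    print(parse_pe(sample))
    print(triage(sample))
```

Against a real file from the Downloads path listed above, call parse_pe(open(path, "rb").read()) and triage(...): only same_file (SHA-256 equality) establishes that it is this sample; linker, subsystem, CLR and stub matches merely say the file is a 32-bit .NET GUI build of the same era and would also be true of the thousands of benign programs compiled the same way.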

The file gerador de pokemons shiny.exe has been seen being distributed by 5 URLs, of which the following 4 are recorded here.

https://fs13n1.sendspace.com/dl/837d5ac78fcd44cacccac6d6559dc18a/57784c4e49bf97b0/.../Gerador de Pokemons Shiny.exe

https://fs13n4.sendspace.com/dl/6457eda18038f05419e725a6296cc11f/583220d70398ea89/.../Gerador de Pokemons Shiny.exe

https://fs13n1.sendspace.com/dl/785b4d0bb32d88abb524fcb0a8801df6/5761ef84315466e3/.../Gerador de Pokemons Shiny.exe

https://fs13n2.sendspace.com/dl/59358fddbb88245c428d6f01aceea02b/57a2bb8f368b621d/.../Gerador de Pokemons Shiny.exe

Report powered by Reason Core Security.