gerador de zp 2016 atualizado.exe

The executable gerador de zp 2016 atualizado.exe (Portuguese for "updated 2016 zp generator") has been detected as malware by 41 of 68 anti-virus scanners. Although the filename presents it as a generator utility, the engine consensus identifies it as the Bladabindi backdoor, the .NET remote-access trojan also known as njRAT (McAfee's BackDoor-NJRat, Dr.Web's BackDoor.Bladabindi and Microsoft's Backdoor:MSIL/Bladabindi all name the same family). A backdoor of this kind can be used to conduct distributed denial-of-service attacks, to install additional trojans or other malicious software, and to steal sensitive information from the infected machine. The file has been seen being downloaded from dc525.4shared.com.
MD5:
1e3b6414aa6ffb233a733a506746a2c9

SHA-1:
72b2c2e9d17c9e549e5ebb22aa57a21ff6c6d9c8

SHA-256:
dffa54e028481afceb230064af4a1e68c6099a9cff1636e907c3e1086c9c1909

Scanner detections:
41 / 68

Status:
Malware

Analysis date:
12/27/2024 7:28:59 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.MSIL.Bladabindi.2 | 300
AegisLab AV Signature | Troj.W32.Gen.mbuY | 2.1.4+
AhnLab V3 Security | Trojan/Win32.Bladabindi | 2016.04.10
Avira AntiVirus | TR/ATRAPS.Gen | 8.3.3.4
Arcabit | Trojan.MSIL.Bladabindi.2 | 1.0.0.666
avast! | MSIL:Agent-BXF [Trj] | 2014.9-160410
AVG | PSW.ILUSpy | 2017.0.2778
Baidu Antivirus | MSIL.Backdoor.Bladabindi | 4.0.3.16410
Bitdefender | Gen:Variant.MSIL.Bladabindi.2 | 1.0.20.505
Bkav FE | W32.AchisanA.Trojan | 1.3.0.7744
Clam AntiVirus | Win.Trojan.B-468 | 0.98/21511
Comodo Security | TrojWare.MSIL.Bladabindi.KX | 24764
Dr.Web | BackDoor.Bladabindi.4435 | 9.0.1.0101
Emsisoft Anti-Malware | Gen:Variant.MSIL.Bladabindi | 8.16.04.10.08
ESET NOD32 | MSIL/Bladabindi.AS (variant) | 10.13309
Fortinet FortiGate | MSIL/Agent.PPV!tr | 4/10/2016
F-Prot | W32/MSIL_Bladabindi.A2.gen | v6.4.7.1.166
F-Secure | Gen:Variant.MSIL.Bladabindi.2 | 11.2016-10-04_1
G Data | Gen:Variant.MSIL.Bladabindi | 16.4.25
IKARUS anti.virus | Trojan.Msil | t3scan.2.0.9.0
K7 AntiVirus | Trojan | 13.221.19261
Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.383
Malwarebytes | Trojan.Agent.MSIL | v2016.04.10.08
McAfee | BackDoor-NJRat!1E3B6414AA6F | 5600.6434
Microsoft Security Essentials | Backdoor:MSIL/Bladabindi.AJ | 1.1.12603.0
MicroWorld eScan | Gen:Variant.MSIL.Bladabindi.2 | 17.0.0.303
NANO AntiVirus | Trojan.Win32.DownLoader10.dbxzfj | 1.0.18.7201
nProtect | Trojan/W32.Agent.29696.WP | 16.04.08.01
Panda Antivirus | Trj/CI.A | 16.04.10.08
Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1120
Quick Heal | Backdoor.Bladabindi.AL3 | 4.16.14.00
Rising Antivirus | PE:Backdoor.MSIL.Bladabindi!1.9E49 [F] | 23.00.65.16408
Sophos | Troj/DotNet-P | 4.98
SUPERAntiSpyware | Trojan.Agent/Gen-Barys | 9212
Total Defense | Win32/DotNetDl.A!generic | 37.1.62.1
Trend Micro House Call | BKDR_BLADABI.SMC | 7.2.101
Trend Micro | BKDR_BLADABI.SMC | 10.465.10
Vba32 AntiVirus | Trojan.MSIL.Disfa | 3.12.26.4
VIPRE Antivirus | Trojan.MSIL.Bladabindi.agxy | 48502
ViRobot | Trojan.Win32.Z.Bladabindi.29696.GOI[h] | 2014.3.20.0
Zillya! Antivirus | Trojan.Bladabindi.Win32.14971 | 2.0.0.2773

File size:
29 KB (29,696 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\gerador de zp 2016 atualizado.exe

File PE Metadata
Compilation timestamp:
3/23/2016 11:48:20 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:Y7RmpgGD1BH9D8qbILeuBKh0p29SgRiJ:Y7RKIcIrKhG29jiJ

Entry address:
0x8B0E

Entry point:
FF, 25, 00, 20, 40, 00, followed by zero padding...
(FF 25 00 20 40 00 is jmp dword ptr [0x00402000]: the unmanaged stub every .NET PE32 image starts with, which jumps through the import address table to mscoree!_CorExeMain. It says nothing about the sample's own behaviour; the managed code begins at the CLR entry point, so the IL has to be inspected, not this stub.)

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
27 KB (27,648 bytes)
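The hashes listed above and the PE metadata in this section are what an analyst checks first when a file with this name turns up. The following Python is an added example, not code from the report or from Reason Core Security: it computes the three hashes and the size against the report's indicators, then walks the PE header with the standard library alone to recover the same fields the report lists (compile timestamp, linker version, OS version, subsystem, CLR dependency) and reads the first bytes at the entry point to recognise the .NET `jmp [IAT]` stub. The `build_sample_pe` helper is an assumption of this example: it constructs an inert PE32 image carrying the report's header values so the script runs offline without the real sample; pass a file path on the command line to check a real file instead.

```python
"""Check a file against the IOCs from this report and summarise its PE header."""
import hashlib
import struct
import sys
from datetime import datetime, timezone

# Indicators taken from the report above (real values).
IOC = {
    "md5": "1e3b6414aa6ffb233a733a506746a2c9",
    "sha1": "72b2c2e9d17c9e549e5ebb22aa57a21ff6c6d9c8",
    "sha256": "dffa54e028481afceb230064af4a1e68c6099a9cff1636e907c3e1086c9c1909",
    "size": 29696,
}
CLR_STUB = b"\xff\x25"  # jmp dword ptr [abs32]: the unmanaged entry stub of a .NET PE32 image


def hashes(data: bytes) -> dict:
    """Return the identifiers the report lists, computed over the raw file bytes."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "size": len(data),
    }


def matches_ioc(data: bytes) -> dict:
    """Per-indicator comparison; a SHA-256 match is conclusive, the others corroborate it."""
    h = hashes(data)
    return {k: h[k] == v for k, v in IOC.items()}


def pe_summary(data: bytes) -> dict:
    """Stdlib-only PE32/PE32+ header walk returning the fields shown in the report."""
    if data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    pe = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    machine, nsec, ts, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, pe + 4)
    opt = pe + 24                                      # optional header follows the 20-byte COFF header
    magic, lnk_major, lnk_minor = struct.unpack_from("<HBB", data, opt)
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]
    os_major, os_minor = struct.unpack_from("<HH", data, opt + 40)
    subsystem = struct.unpack_from("<H", data, opt + 68)[0]
    # Data directories start at +96 (PE32) or +112 (PE32+); index 14 is the CLR runtime header.
    dirs = opt + (96 if magic == 0x10B else 112)
    _, clr_size = struct.unpack_from("<II", data, dirs + 14 * 8)
    # Map the entry-point RVA to a file offset through the section table.
    entry_bytes = b""
    sec = opt + opt_size
    for i in range(nsec):
        _, vsize, vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", data, sec + i * 40)
        if vaddr <= entry_rva < vaddr + max(vsize, rawsize):
            off = rawptr + (entry_rva - vaddr)
            entry_bytes = data[off:off + 6]
            break
    return {
        "machine": hex(machine),
        "compile_time": datetime.fromtimestamp(ts, timezone.utc).strftime("%Y-%m-%d %H:%M:%S UTC"),
        "linker": f"{lnk_major}.{lnk_minor}",
        "os_version": f"{os_major}.{os_minor}",
        "subsystem": {2: "Windows GUI", 3: "Windows CUI"}.get(subsystem, str(subsystem)),
        "is_dotnet": clr_size != 0,
        "entry_rva": entry_rva,
        "entry_bytes": entry_bytes.hex(" "),
        "has_clr_stub": entry_bytes.startswith(CLR_STUB),
    }


def build_sample_pe() -> bytes:
    """Constructed, inert PE32 image (NOT the real sample) carrying the report's header values."""
    ts = int(datetime(2016, 3, 23, 11, 48, 20, tzinfo=timezone.utc).timestamp())
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)               # e_lfanew = 64
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, ts, 0, 0, 224, 0x0102)
    opt = struct.pack("<HBBIIIIIIIIIHHHHHHIIIIHHIIIIII",
                      0x10B, 8, 0,                  # PE32, linker 8.0
                      0x200, 0, 0,                  # SizeOfCode, initialised, uninitialised
                      0x2000, 0x2000, 0x4000,       # AddressOfEntryPoint, BaseOfCode, BaseOfData
                      0x400000, 0x1000, 0x200,      # ImageBase, SectionAlignment, FileAlignment
                      4, 0, 0, 0, 4, 0,             # OS 4.0, image 0.0, subsystem 4.0
                      0, 0x3000, 0x200, 0,          # Win32VersionValue, SizeOfImage, SizeOfHeaders, CheckSum
                      2, 0x8540,                    # Subsystem = Windows GUI, DllCharacteristics
                      0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    dirs = struct.pack("<II", 0, 0) * 14 + struct.pack("<II", 0x2008, 72) + struct.pack("<II", 0, 0)
    text = struct.pack("<8sIIII", b".text", 0x200, 0x2000, 0x200, 0x200) + b"\0" * 16
    hdr = dos + coff + opt + dirs + text
    body = b"\xff\x25\x00\x20\x40\x00"               # jmp [0x402000]: _CorExeMain slot in a real image
    return hdr.ljust(0x200, b"\0") + body.ljust(0x200, b"\0")


if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    print("IOC match:", matches_ioc(blob))
    print("PE summary:", pe_summary(blob))
```

The header walk is deliberately minimal: it reads only the fields the report reproduces, so a sample that tampers with other parts of the header (a common trick against heavier parsers) does not stop the hash comparison, which is the decision that matters for a known-bad file.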

The file gerador de zp 2016 atualizado.exe has been seen being distributed from the URL noted above (dc525.4shared.com).

Remove gerador de zp 2016 atualizado.exe - Powered by Reason Core Security