GSZWjyfm.exe

GSZWjyfm

Dinosaur

The file GSZWjyfm.exe has been detected as malware by 14 anti-virus scanners.

Publisher:
Dinosaur  (signed and verified)

Product:
GSZWjyfm

Version:
2.1.4.7

MD5:
97a249810c231b31b11b6eddda33e955

SHA-1:
d35f7cfe5d1bbaeb266d801d66212f09a16ef70d

SHA-256:
40e3d8dcaf4a548a68848648ef6c748acdc714ad7ec579a50ac0aaa2ab5f9157

Scanner detections:
14 / 68

Status:
Malware

Analysis date:
11/24/2024 11:50:46 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Trojan.Generic.13128564 | 335
Avira AntiVirus | TR/Injector.549392.1 | 3.6.1.96
AVG | MSIL7 | 2017.0.2813
Bitdefender | Trojan.Generic.13128564 | 1.0.20.330
Emsisoft Anti-Malware | Trojan.Generic.13128564 | 8.16.03.06.10
ESET NOD32 | MSIL/Injector.IZQ (variant) | 10.11450
Fortinet FortiGate | MSIL/Injector.IXP!tr | 3/6/2016
G Data | Trojan.Generic.13128564 | 16.3.25
IKARUS anti.virus | Trojan.MSIL.Injector | t3scan.1.8.9.0
K7 AntiVirus | Trojan | 13.202.15544
McAfee | Artemis!97A249810C23 | 5600.6469
MicroWorld eScan | Trojan.Generic.13128564 | 17.0.0.198
nProtect | Trojan.Generic.13128564 | 15.04.09.02
Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1015

File size:
536.5 KB (549,392 bytes)

Product version:
2.1.4.7

Copyright:
Copyright GSZWjyfm © 2015

Original file name:
GSZWjyfm.exe

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\e9bb.tmp

Digital Signature
Signed by:

Authority:
getaCert - www.getacert.com

Valid from:
4/2/2015 3:58:13 AM

Valid to:
6/1/2015 3:58:13 AM

Subject:
E=LOL@run.away, CN=Melaldon, OU=Carnivore, O=Dinosaur, L=Cali, S=Pandora, C=NL

Issuer:
O=getaCert - www.getacert.com, L=Seattle, S=Washington, C=US

Serial number:
0DF6

File PE Metadata
Compilation timestamp:
4/3/2015 11:13:37 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:sEzpQsCKYf9bSzkOyBvjy88LeB3/KfAjrn2CcXF3g:sE165SQOyBvjd86BcF3g

Entry address:
0x760BE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
Entropy:
7.7776

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
464.5 KB (475,648 bytes)
