» hacker facebook 2016.exe
Overview
Analysis
File Details
Downloads (1)

hacker facebook 2016.exe

The executable hacker facebook 2016.exe has been detected as malware by 18 anti-virus scanners. This backdoor trojan may be used to conduct distributed denial of service attacks, or used to install additional trojans or other forms of malicious software as well as can steal your sensitive information. The file has been seen being downloaded from www18.uptobox.com.

File name:

Version:

1.0.0.0

MD5:

2bc8087d9e977b6e5d7383ad32473d7d

SHA-1:

41d6c0b9b51be24fcb84b67dc5071b4c05514810

SHA-256:

25f6ae1f23d638ae22dab50c50233ce9d258e5655597b2f8bf85af01b8855e5c

Scanner detections:

18 / 68

Status:

Malware

Analysis date:

11/16/2024 12:25:17 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.MSILPerseus.9027

303

AegisLab AV Signature

Troj.W32.Gen

2.1.4+

Avira AntiVirus

TR/Dropper.Gen

8.3.3.4

Arcabit

Trojan.MSILPerseus.D2343

1.0.0.666

avast!

MSIL:Agent-BKZ [Trj]

2014.9-160407

Baidu Antivirus

MSIL.Backdoor.Bladabindi

4.0.3.1647

Bitdefender

Gen:Variant.MSILPerseus.9027

1.0.20.490

Emsisoft Anti-Malware

Gen:Variant.MSILPerseus.9027

8.16.04.07.08

ESET NOD32

MSIL/Bladabindi.AH (variant)

10.13286

F-Secure

Gen:Variant.MSILPerseus.9027

11.2016-07-04_5

G Data

Gen:Variant.MSILPerseus.9027

16.4.25

IKARUS anti.virus

Trojan.MSIL.Crypt

t3scan.2.0.9.0

K7 AntiVirus

Trojan

13.221.19219

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.398

Microsoft Security Essentials

Backdoor:MSIL/Bladabindi.AL

1.1.12603.0

MicroWorld eScan

Gen:Variant.MSILPerseus.9027

17.0.0.294

Qihoo 360 Security

HEUR/QVM03.0.0000.Malware.Gen

1.0.0.1120

Rising Antivirus

PE:Backdoor.Bot!1.6675 [F]

23.00.65.16405

File size:

285.5 KB (292,352 bytes)

Product version:

1.0.0.0

Original file name:

Hacking.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\hacker facebook 2016.exe

File PE Metadata

Compilation timestamp:

4/5/2016 5:50:09 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

6144:ly/G4g01yBMMZvGGnlpXBayatx08l3appuhDbQtj2:ly+4VyBMMZvxldpab08l3ajuh3QZ

Entry address:

0x47FDE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 79, CE, 21, 55, 9B, CE, 45, 92, 1E, 19, ED, 71, 79, 6D, CE, 9D, 01, 01, 01, 01, 01, 01, 01, 01, 01, 01, 01, 01, 01, 01, 01, 01, 02, 02, 02, 02, 02, 02, 02, 02, 02, 02, 02, 02, 02, 02, 02, 02, 00, 00, 00, 00, 96, 30, 07, 77, 2C, 61, 0E, EE, BA, 51, 09, 99, 19, C4, 6D, 07, 8F, F4, 6A, 70, 35, A5, 63, E9, A3, 95, 64, 9E, 32, 88, DB, 0E, A4, B8, DC, 79, 1E, E9, D5, E0, 88, D9... 
[+]

Entropy:

6.4184

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

280 KB (286,720 bytes)

The file hacker facebook 2016.exe has been seen being distributed by the following URL.

http://www18.uptobox.com/d/.../HACKER FACEBOOK 2016.exe

Remove hacker facebook 2016.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.