hacker facebook 2016.exe

The executable hacker facebook 2016.exe has been detected as malware by 18 anti-virus scanners. This backdoor trojan may be used to conduct distributed denial of service attacks, or used to install additional trojans or other forms of malicious software as well as can steal your sensitive information. The file has been seen being downloaded from www18.uptobox.com.
Version:
1.0.0.0

MD5:
2bc8087d9e977b6e5d7383ad32473d7d

SHA-1:
41d6c0b9b51be24fcb84b67dc5071b4c05514810

SHA-256:
25f6ae1f23d638ae22dab50c50233ce9d258e5655597b2f8bf85af01b8855e5c

Scanner detections:
18 / 68

Status:
Malware

Analysis date:
12/27/2024 6:46:20 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.MSILPerseus.9027
303

AegisLab AV Signature
Troj.W32.Gen
2.1.4+

Avira AntiVirus
TR/Dropper.Gen
8.3.3.4

Arcabit
Trojan.MSILPerseus.D2343
1.0.0.666

avast!
MSIL:Agent-BKZ [Trj]
2014.9-160407

Baidu Antivirus
MSIL.Backdoor.Bladabindi
4.0.3.1647

Bitdefender
Gen:Variant.MSILPerseus.9027
1.0.20.490

Emsisoft Anti-Malware
Gen:Variant.MSILPerseus.9027
8.16.04.07.08

ESET NOD32
MSIL/Bladabindi.AH (variant)
10.13286

F-Secure
Gen:Variant.MSILPerseus.9027
11.2016-07-04_5

G Data
Gen:Variant.MSILPerseus.9027
16.4.25

IKARUS anti.virus
Trojan.MSIL.Crypt
t3scan.2.0.9.0

K7 AntiVirus
Trojan
13.221.19219

Kaspersky
HEUR:Trojan.Win32.Generic
14.0.0.398

Microsoft Security Essentials
Backdoor:MSIL/Bladabindi.AL
1.1.12603.0

MicroWorld eScan
Gen:Variant.MSILPerseus.9027
17.0.0.294

Qihoo 360 Security
HEUR/QVM03.0.0000.Malware.Gen
1.0.0.1120

Rising Antivirus
PE:Backdoor.Bot!1.6675 [F]
23.00.65.16405

File size:
285.5 KB (292,352 bytes)

Product version:
1.0.0.0

Original file name:
Hacking.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\hacker facebook 2016.exe

File PE Metadata
Compilation timestamp:
4/5/2016 5:50:09 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:ly/G4g01yBMMZvGGnlpXBayatx08l3appuhDbQtj2:ly+4VyBMMZvxldpab08l3ajuh3QZ

Entry address:
0x47FDE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 79, CE, 21, 55, 9B, CE, 45, 92, 1E, 19, ED, 71, 79, 6D, CE, 9D, 01, 01, 01, 01, 01, 01, 01, 01, 01, 01, 01, 01, 01, 01, 01, 01, 02, 02, 02, 02, 02, 02, 02, 02, 02, 02, 02, 02, 02, 02, 02, 02, 00, 00, 00, 00, 96, 30, 07, 77, 2C, 61, 0E, EE, BA, 51, 09, 99, 19, C4, 6D, 07, 8F, F4, 6A, 70, 35, A5, 63, E9, A3, 95, 64, 9E, 32, 88, DB, 0E, A4, B8, DC, 79, 1E, E9, D5, E0, 88, D9...
 
[+]

Entropy:
6.4184

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
280 KB (286,720 bytes)

The file hacker facebook 2016.exe has been seen being distributed by the following URL.

Remove hacker facebook 2016.exe - Powered by Reason Core Security