hacker-pb-kaybo-04-07-2016-k-k.exe

software

The application hacker-pb-kaybo-04-07-2016-k-k.exe has been detected as a potentially unwanted program by 27 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from fs01n3.sendspace.com.
Publisher:
software

Product:
software

Version:
1.0.0.0

MD5:
82c306e10d31239e57352858abd2d208

SHA-1:
3635660fff894b4070c56ae941051528b034a74e

SHA-256:
e7650d7ce863cf6fce8000373ee18d7cc74d113bfac51bf490b4b5af840e6ac9

Scanner detections:
27 / 68

Status:
Potentially unwanted

Analysis date:
12/27/2024 5:06:04 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.Generic.15881516 | 213 |
| AhnLab V3 Security | Trojan/Win32.Skeeyah.C1327646 | 3.7.4.14 |
| Avira AntiVirus | TR/Dropper.Gen | 8.3.3.4 |
| Arcabit | Trojan.Generic.DF2552C | 1.0.0.741 |
| avast! | Win32:Adware-gen [Adw] | 2014.9-160706 |
| AVG | MSIL9 | 2017.0.2691 |
| Bitdefender | Trojan.Generic.15881516 | 1.0.20.940 |
| Clam AntiVirus | Win.Trojan.Agent-1387290 | 0.98/21511 |
| Comodo Security | TrojWare.MSIL.TrojanDropper.Agent.DQ | 25387 |
| Dr.Web | Trojan.DownLoader20.6369 | 9.0.1.0188 |
| Emsisoft Anti-Malware | Trojan.Generic.15881516 | 8.16.07.06.09 |
| ESET NOD32 | MSIL/TrojanDropper.Agent.CIA | 10.13749 |
| Fortinet FortiGate | MSIL/Dropper.B!tr | 7/6/2016 |
| F-Secure | Trojan.Generic.15881516 | 11.2016-06-07_4 |
| G Data | Trojan.Generic.15881516 | 16.7.25 |
| IKARUS anti.virus | Trojan.Dropper | t3scan.2.1.6.0 |
| K7 AntiVirus | Trojan | 13.232.20124 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.-52 |
| Malwarebytes | Trojan.Agent.MSIL | v2016.07.06.09 |
| McAfee | Dropper-FQD!82C306E10D31 | 5600.6347 |
| Microsoft Security Essentials | Trojan:Win32/Skeeyah.A!rfn | 1.1.12902.0 |
| MicroWorld eScan | Trojan.Generic.15881516 | 17.0.0.564 |
| NANO AntiVirus | Trojan.Win32.Agent.ebomar | 1.0.38.8984 |
| nProtect | Trojan.Generic.15881516 | 16.07.04.01 |
| Qihoo 360 Security | QVM03.0.Malware.Gen | 1.0.0.1120 |
| Sophos | Troj/MSIL-GXM | 4.98 |
| Trend Micro House Call | TROJ_GENERIK_FE250289.UVPM | 7.2.188 |

File size:
70 KB (71,719 bytes)

Product version:
1.0.0.0

Copyright:
software

Trademarks:
software

Original file name:
software.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\hacker-pb-kaybo-04-07-2016-k-k.exe

File PE Metadata
Compilation timestamp:
2/28/2016 1:03:24 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:pAtR9FlvGc2YpfXrcqgZTiqnmP4r7rQdB2L1FMx2Flsd5hbo:pEr5XrcqgZ/mc70UMwUK

Entry address:
0x5D1E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
15.5 KB (15,872 bytes)

The file hacker-pb-kaybo-04-07-2016-k-k.exe has been seen being distributed by the following URL.
