hacker+facebook.exe

Gallery

The application hacker+facebook.exe has been detected as a potentially unwanted program by 29 anti-malware scanners. The file has been seen being downloaded from api.ge.tt.
Publisher:
Microsoft*  (Invalid match)

Product:
Gallery

Version:
1.0.0.0

MD5:
bec7c76f5f6346f898b4286d1b78d16f

SHA-1:
8e91c432d22e01cc69939b687d05f3a54af170fb

SHA-256:
95b3fb4efd74931aabc5cf295866ce57aa942ec148d1eaac8676f74b44c283b2

Scanner detections:
29 / 68

Status:
Potentially unwanted

Analysis date:
12/27/2024 5:31:51 AM UTC  (today)

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.GenericKD.3167553 | 216 |
| Avira AntiVirus | TR/Dropper.MSIL.274217 | 8.3.3.4 |
| Arcabit | Trojan.Generic.D305541 | 1.0.0.672 |
| avast! | Win32:Malware-gen | 2014.9-160702 |
| Baidu Antivirus | Adware.MSIL.iBryte | 4.0.3.1672 |
| Bitdefender | Trojan.GenericKD.3167553 | 1.0.20.920 |
| Comodo Security | UnclassifiedMalware | 24913 |
| Emsisoft Anti-Malware | Trojan.GenericKD.3167553 | 8.16.07.02.02 |
| ESET NOD32 | MSIL/Kryptik.BQX (variant) | 10.13427 |
| Fortinet FortiGate | W32/Generic.BQX!tr | 7/2/2016 |
| F-Secure | Trojan.GenericKD.3167553 | 11.2016-02-07_7 |
| G Data | Trojan.GenericKD.3167553 | 16.7.25 |
| IKARUS anti.virus | Trojan.MSIL.Injector | t3scan.2.0.9.0 |
| K7 AntiVirus | Trojan | 13.224.19481 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.-33 |
| Malwarebytes | Trojan.Agent | v2016.07.02.02 |
| McAfee | Artemis!BEC7C76F5F63 | 5600.6350 |
| Microsoft Security Essentials | Trojan:Win32/Skeeyah.A!rfn | 1.1.12706.0 |
| MicroWorld eScan | Trojan.GenericKD.3167553 | 17.0.0.552 |
| NANO AntiVirus | Trojan.Win32.Kryptik.ebrjbm | 1.0.30.8136 |
| nProtect | Trojan.GenericKD.3167553 | 16.05.02.01 |
| Panda Antivirus | Trj/CI.A | 16.07.02.02 |
| Qihoo 360 Security | Win32/Trojan.Dropper.f19 | 1.0.0.1120 |
| Quick Heal | Trojan.Skeeyah.r4 | 7.16.14.00 |
| Rising Antivirus | Trojan.Confuser!1.A352-ZQwUr5EJfZJ (Cloud) | 23.00.65.16630 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro | TROJ_GEN.R00XC0DDK16 | 10.465.02 |
| VIPRE Antivirus | Trojan.Win32.Generic | 49096 |
| ViRobot | Trojan.Win32.Z.Skeeyah.367616[h] | 2014.3.20.0 |

File size:
359 KB (367,616 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © Microsoft 2015

Original file name:
Gallery.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\hacker+facebook.exe

File PE Metadata
Compilation timestamp:
2/16/2016 2:38:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:kzruvoP97+rqaNlvRP/yuSswgtHQ3LMgw0p:wrf97lanx6ZgtHg

Entry address:
0x40A5E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
6.7641

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
251 KB (257,024 bytes)

The file hacker+facebook.exe has been seen being distributed by the following URL.
