» hackxu_2012.exe
Overview
Analysis
File Details

hackxu_2012.exe

The executable hackxu_2012.exe has been detected as malware by 27 anti-virus scanners.

File name:

hackxu_2012.exe

Version:

3, 3, 6, 1

MD5:

dfa856248908b76e2147d4436aaafeb6

SHA-1:

0c9c6df9018daeb93d760538bf0bb97139281da4

SHA-256:

7fec563acf519f13bfc4a59e9c14ef4767c1c464a4661a07aded953a27322576

Scanner detections:

27 / 68

Status:

Malware

Analysis date:

4/1/2025 8:33:17 PM UTC (today)

Scan engine

Detection

Engine version

AhnLab V3 Security

Trojan/Win32.AutoIt

2012.05.28

Avira AntiVirus

TR/Minggy.2.623

7.11.31.42

avast!

Win32:Malware-gen

2014.9-170315

AVG

Generic20

2018.0.2438

Bitdefender

Trojan.Generic.KDV.530778

1.0.20.370

Clam AntiVirus

Trojan.Refroso-2598

0.98/18155

Comodo Security

TrojWare.Win32.Trojan.Inject.ZY0

12429

Dr.Web

Tool.Camfrogpwd

9.0.1.074

Emsisoft Anti-Malware

Gen.Trojan.Heur!IK

8.17.03.15.01

ESET NOD32

Win32/Packed.MoleboxVS (variant)

11.7174

Fortinet FortiGate

W32/Autoit.M!tr.pws

3/15/2017

F-Prot

W32/Trojan2.NMJH

v6.4.6.5.141

F-Secure

Backdoor:W32/Bifrose.GNT

11.2017-15-03_4

G Data

Trojan.Generic.KDV.530778

17.3.22

IKARUS anti.virus

Gen.Trojan.Heur

t3scan.1.1.118.0

K7 AntiVirus

Trojan

13.140.6953

Kaspersky

Trojan-PSW.Win32.Autoit

14.0.0.-1313

McAfee

Artemis!DFA856248908

5600.6094

Norman

W32/Bifrose.CGTD

11.20170315

nProtect

Trojan.Generic.KDV.530778

12.05.28.01

Quick Heal

Backdoor.Bifrose.AE6

3.17.12.00

Total Defense

Win32/Bifrose.ANR

37.0.9932

Trend Micro House Call

TROJ_GEN.R4FCECK

7.2.74

Trend Micro

TROJ_GEN.R42CEAQ

10.465.15

Vba32 AntiVirus

Trojan.Refroso.bqxs

3.12.16.4

VIPRE Antivirus

Backdoor.Win32.Bifrose.gnt

11977

ViRobot

Trojan.Win32.PSWAutoit.1582051

2011.4.7.4223

File size:

1.6 MB (1,626,457 bytes)

File type:

Executable application (Win32 EXE)

Language:

English (United Kingdom)

Common path:

C:\users\{user}\downloads\programs\hackxu_2012.exe

File PE Metadata

Compilation timestamp:

7/1/2010 12:39:56 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.56

Entry address:

0x1280

Entry point:

55, 89, E5, 83, EC, 08, C7, 04, 24, 01, 00, 00, 00, FF, 15, D4, A2, 40, 00, E8, B8, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 89, E5, 83, EC, 08, C7, 04, 24, 02, 00, 00, 00, FF, 15, D4, A2, 40, 00, E8, 98, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 8B, 0D, F0, A2, 40, 00, 89, E5, 5D, FF, E1, 8D, 74, 26, 00, 55, 8B, 0D, E4, A2, 40, 00, 89, E5, 5D, FF, E1, 90, 90, 90, 90, 55, 89, E5, 83, EC, 08, E8, A5, 67, 00, 00, C7, 04, 24, 04, C3, 40, 00, B8, 08, D0, 40, 00, 89, 44, 24, 04, E8, C0, 57, 00, 00... 
[+]

Entropy:

7.9727

Packer / compiler:

MingWin32 - Dev C++ v4.x (h)

Code size:

32 KB (32,768 bytes)

Remove hackxu_2012.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.