hajarshortcutvirusv1.0.exe

Hajar Virus Shortcut

Riptek Unnes | prase pti

The executable hajarshortcutvirusv1.0.exe has been detected as malware by 6 anti-virus scanners. It is a setup program used to install the application. The file has been observed being downloaded from dc408.4shared.com.
Publisher:
Riptek Unnes | prase pti

Product:
Hajar Virus Shortcut

Version:
1.00

MD5:
f1811c3701fcf4370713ccdd53e98b77

SHA-1:
9e8e1b7271aebed8b5791fc5830281d80ffa4ab6

SHA-256:
aeb34a39316996f4cb0ed4d46f832936e3dc430fee4225a4e62f44df8a12df54

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
12/25/2024 6:08:30 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Avira AntiVirus | TR/Agent.413696.53 | 7.11.155.64 |
| avast! | Win32:Malware-gen | 2014.9-160128 |
| F-Prot | W32/VBTrojan.19F3 | v6.4.7.1.166 |
| G Data | Win32.Trojan.Agent.F9W6E3 | 16.1.24 |
| Quick Heal | Trojan.VB.Gen | 1.16.14.00 |
| Rising Antivirus | PE:Malware.XPACK-HIE/Heur!1.9C48 | 23.00.65.16126 |

File size:
404 KB (413,696 bytes)

Product version:
1.00

Original file name:
Hajar Shortcut Virus v1.0.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\hajarshortcutvirusv1.0.exe

File PE Metadata
Compilation timestamp:
9/1/2010 1:46:25 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:yNAZ2Ke0ruxs/vXz9O1EzSKicT4AZ2Ke09:SA+0Is/vROl5A+0

Entry address:
0x1414

Entry point:
68, 84, 2A, 43, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, DF, A8, 82, DC, CC, C1, 8F, 4B, AF, 9D, B7, 23, B2, 56, 2C, 29, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, F4, 35, 01, 50, 72, 6F, 6A, 65, 63, 74, 31, 00, C1, 40, 00, 08, C1, 40, 00, 00, 00, 00, 00, FF, CC, 31, 00, 11, E7, 30, AA, 43, 42, A5, 07, 42, B3, 6E, D4, 44, D2, 2B, DD, E7, 4C, 60, BF, 05, BE, 48, CC, 45, 91, 94, A0, 73, 29, 27, 05, DC, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 

Entropy:
7.6923

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
284 KB (290,816 bytes)

The file hajarshortcutvirusv1.0.exe has been seen being distributed by the following URL.
