hammer venezuela.exe

Hammer 97D

Venezuela

The executable hammer venezuela.exe has been detected as malware by 24 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dc725.4shared.com.
Publisher:
Venezuela

Product:
Hammer 97D

Description:
DarkTerro

Version:
2.2.1.1

MD5:
65d79c046ae794718907de7ab58ca906

SHA-1:
cb6f346c9089e4f9adfe7fedf2d4ec5c11846408

SHA-256:
41ec2f36b04818cc3164d81d0dd3d2f56e595d3bf57153845927ab7297338ef4

Scanner detections:
24 / 68

Status:
Malware

Analysis date:
12/26/2024 4:24:09 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Packed.Libix.Gen.9 | 236 |
| Agnitum Outpost | Packed/Themida | 7.1.1 |
| Arcabit | Trojan.Packed.Libix.Gen.9 | 1.0.0.425 |
| avast! | Win32:Malware-gen | 2014.9-160613 |
| AVG | Win32/Themida | 2017.0.2714 |
| Baidu Antivirus | Trojan.Win32.Black | 4.0.3.16613 |
| Bitdefender | Trojan.Packed.Libix.Gen.9 | 1.0.20.825 |
| Bkav FE | HW32.Packed | 1.3.0.7062 |
| Comodo Security | Packed.Win32..Black.~A | 23034 |
| Dr.Web | Trojan.Packed.650 | 9.0.1.0165 |
| Emsisoft Anti-Malware | Trojan.Packed.Libix.Gen | 8.16.06.13.05 |
| ESET NOD32 | Win32/Packed.Themida.AAE (variant) | 10.12110 |
| Fortinet FortiGate | PossibleThreat | 6/13/2016 |
| F-Secure | Trojan.Packed.Libix.Gen.9 | 11.2016-13-06_2 |
| G Data | Trojan.Packed.Libix.Gen | 16.6.25 |
| IKARUS anti.virus | Trojan.Win32.Antavmu | t3scan.1.9.5.0 |
| K7 AntiVirus | Trojan | 13.2016917 |
| Kaspersky | Packed.Win32.Black | 14.0.0.64 |
| McAfee | Artemis!65D79C046AE7 | 5600.6370 |
| Microsoft Security Essentials | VirTool:Win32/Obfuscator.XX | 1.1.11903.0 |
| MicroWorld eScan | Trojan.Packed.Libix.Gen.9 | 17.0.0.495 |
| Sophos | Mal/Behav-374 | 4.98 |
| Trend Micro | TROJ_GEN.R08OC0RHF15 | 10.465.13 |
| VIPRE Antivirus | Trojan.Win32.Generic | 42988 |

File size:
1.6 MB (1,648,128 bytes)

Product version:
1.0.0.0

Copyright:
@DarkTerro

Trademarks:
@DarkTerro

Original file name:
Hammer

File type:
Executable application (Win32 EXE)

Language:
Brazilian Portuguese

Common path:
C:\users\{user}\downloads\hammer venezuela.exe

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:9xEfXUvAyVguLufr+xGFuyHEAkjDVx6awrCDu3iiioiqrglgiCSoiG65g0tCZA:wfE4HeGU30Pxbgdlo5mgr

Entry address:
0x265014

Entry point:
B8, 00, 00, 00, 00, 60, 0B, C0, 74, 68, E8, 00, 00, 00, 00, 58, 05, 53, 00, 00, 00, 80, 38, E9, 75, 13, 61, EB, 45, DB, 2D, 37, 50, 66, 00, FF, FF, FF, FF, FF, FF, FF, FF, 3D, 40, E8, 00, 00, 00, 00, 58, 25, 00, F0, FF, FF, 33, FF, 66, BB, 19, 5A, 66, 83, C3, 34, 66, 39, 18, 75, 12, 0F, B7, 50, 3C, 03, D0, BB, E9, 44, 00, 00, 83, C3, 67, 39, 1A, 74, 07, 2D, 00, 10, 00, 00, EB, DA, 8B, F8, B8, 60, 61, 31, 00, 03, C7, B9, 6D, 52, 26, 00, 03, CF, EB, 0A, B8, 60, 61, 71, 00, B9, 6D, 52, 66, 00, 50, 51, E8, 87...
 

Packer / compiler:
Themida/WinLicense V1.8.0.2 +

Code size:
1.2 MB (1,293,312 bytes)

The file hammer venezuela.exe has been seen being distributed by the following URL.
