» HILELER.exe
Overview
Analysis
File Details
Downloads (1)

HILELER.exe

A

The executable HILELER.exe has been detected as malware by 24 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from s5.dosya.tc.

File name:

HILELER.exe

Publisher:

Microsoft* (Invalid match)

Product:

Version:

1.0.0.0

MD5:

ae2f8b266392f2ace8c46604bd5b1cd2

SHA-1:

2c6260fd7801e073a88b497286c14638f9b4e525

SHA-256:

d9256272ea60c825ba66d71328e4aad861e6780603fb26ec117fba96a1dcb1ea

Scanner detections:

24 / 68

Status:

Malware

Analysis date:

12/26/2024 12:47:34 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Kazy.785843

204

AegisLab AV Signature

Gen.Variant.Kazy!c

2.1.4+

AhnLab V3 Security

Malware/Win32.Generic.N2020909961

3.7.4.14

Avira AntiVirus

TR/Spy.Gen

8.3.3.4

Arcabit

Trojan.Kazy.DBFDB3

1.0.0.741

avast!

Win32:Trojan-gen

2014.9-160714

AVG

PSW.Generic13

2017.0.2682

Bitdefender

Gen:Variant.Kazy.785843

1.0.20.980

Emsisoft Anti-Malware

Gen:Variant.Kazy.785843

8.16.07.14.12

ESET NOD32

MSIL/PSW.Agent.OTO (variant)

10.13755

Fortinet FortiGate

MSIL/Agent.OTO!tr.pws

7/14/2016

F-Secure

Gen:Variant.Kazy.785843

11.2016-14-07_5

G Data

Gen:Variant.Kazy.785843

16.7.25

IKARUS anti.virus

Trojan.MSIL.PSW

t3scan.2.1.6.0

K7 AntiVirus

Password-Stealer

13.232.20138

Kaspersky

UDS:DangerousObject.Multi.Generic

14.0.0.-93

McAfee

RDN/Generic PWS.y

5600.6338

MicroWorld eScan

Gen:Variant.Kazy.785843

17.0.0.588

NANO AntiVirus

Trojan.Win32.Agent.edngaw

1.0.38.8984

Panda Antivirus

Trj/GdSda.A

16.07.14.12

Qihoo 360 Security

Win32/Trojan.d19

1.0.0.1120

Trend Micro

TROJ_GEN.R028C0DFB16

10.465.14

VIPRE Antivirus

Trojan.Win32.Generic

50616

ViRobot

Trojan.Win32.Z.Kazy.932352.B[h]

2014.3.20.0

File size:

910.5 KB (932,352 bytes)

Product version:

1.0.0.0

Original file name:

HİLELER.exe

File type:

Executable application (Win32 EXE)

Language:

Turkish (Turkey)

Common path:

C:\users\{user}\downloads\hileler.exe

File PE Metadata

Compilation timestamp:

4/25/2016 8:00:58 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

12288:rDHCk+WvjNNND+0MEKgv0i4qTAlK5tRebl4usL+++YGXh7ZBbL9xdc8TN6fMx:ak/vjf9+0igp4W55TeId+/vpB6

Entry address:

0xBA4FE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

737.5 KB (755,200 bytes)

The file HILELER.exe has been seen being distributed by the following URL.

http://s5.dosya.tc/en2.php?a=server/.../HILELER.exe&b=55827586ebf787c5ae4b1ef672cb5ec9

Remove HILELER.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.