» image14042015.scr
Overview
Analysis
File Details

image14042015.scr

pSYKJkCk

Kapa

The file image14042015.scr by Kapa has been detected as a potentially unwanted program by 26 anti-malware scanners. According to AVG, this software downloads additional adware offers during setup.

File name:

image14042015.scr

Publisher:

Kapa (signed and verified)

Product:

pSYKJkCk

Version:

4.0.0.0

MD5:

097734173486e1c25303d44c6e938716

SHA-1:

c76b9a110ffd188072f84a10d351915dc91e3ea3

SHA-256:

3686da969bd283ed5b71206a9c3e0f4f628c39793fbe102dd81bc6770bafaf37

Scanner detections:

26 / 68

Status:

Potentially unwanted

Analysis date:

11/24/2024 8:46:00 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.2295841

271

Agnitum Outpost

Trojan.Inject

7.1.1

avast!

Win32:Broban-AR [Trj]

2014.9-160509

AVG

Downloader.MSIL

2017.0.2749

Baidu Antivirus

Adware.MSIL.iBryte

4.0.3.1659

Bitdefender

Trojan.GenericKD.2295841

1.0.20.650

Emsisoft Anti-Malware

Trojan.GenericKD.2295841

8.16.05.09.06

ESET NOD32

MSIL/Kryptik.BRU (variant)

10.11599

Fortinet FortiGate

MSIL/Kryptik.BRU!tr

5/9/2016

F-Secure

Trojan.GenericKD.2295841

11.2016-09-05_2

G Data

Trojan.GenericKD.2295841

16.5.25

IKARUS anti.virus

Trojan.Win32.Injector

t3scan.1.8.9.0

K7 AntiVirus

Trojan

13.203.15849

Kaspersky

Trojan.MSIL.Inject

14.0.0.239

Malwarebytes

Trojan.Stealer.DHA

v2016.05.09.06

McAfee

RDN/Generic.dx!dqt

5600.6405

MicroWorld eScan

Trojan.GenericKD.2295841

17.0.0.390

NANO AntiVirus

Trojan.Win32.Inject.dqyfzx

0.30.24.1357

nProtect

Trojan.GenericKD.2295841

15.05.08.01

Panda Antivirus

Trj/CI.A

16.05.09.06

Qihoo 360 Security

HEUR/QVM03.0.Malware.Gen

1.0.0.1015

Quick Heal

Trojan.MSI.r3

5.16.14.00

Sophos

Mal/Generic-S

4.98

Trend Micro House Call

TROJ_BROBAN.SMLO

7.2.130

Trend Micro

TROJ_GEN.R02KC0EDL15

10.465.09

VIPRE Antivirus

Trojan.Win32.Generic

40074

File size:

744 KB (761,872 bytes)

Product version:

4.0.0.0

Original file name:

pSYKJkCk.exe

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\image14042015.scr

Digital Signature

Signed by:

Kapa

Authority:

getaCert - www.getacert.com

Valid from:

4/12/2015 9:19:44 AM

Valid to:

6/11/2015 9:19:44 AM

Subject:

E=support@msdkk.com, CN=Wonderwall, OU=Deilm, O=Kapa, L=Caimen, S=Ilsend, C=US

Issuer:

O=getaCert - www.getacert.com, L=Seattle, S=Washington, C=US

Serial number:

0E8E

File PE Metadata

Compilation timestamp:

4/13/2015 2:48:59 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

12288:IYwbYLcZn0Y1hRNRW9fxysuqexNjEyPXRmjZ7RMHN4gWGb9lZbTKO2UqYk9O:/wKc9/AUDx1P60WO

Entry address:

0xB217E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.3816

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

704.5 KB (721,408 bytes)

Remove image14042015.scr - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.