image14042015.scr

pSYKJkCk

Kapa

The file image14042015.scr by Kapa has been detected as a potentially unwanted program by 26 anti-malware scanners. According to AVG, this software downloads additional adware offers during setup.
Publisher:
Kapa  (signed and verified)

Product:
pSYKJkCk

Version:
4.0.0.0

MD5:
097734173486e1c25303d44c6e938716

SHA-1:
c76b9a110ffd188072f84a10d351915dc91e3ea3

SHA-256:
3686da969bd283ed5b71206a9c3e0f4f628c39793fbe102dd81bc6770bafaf37

Scanner detections:
26 / 68

Status:
Potentially unwanted

Analysis date:
12/28/2024 2:18:22 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.2295841 | 271 |
| Agnitum Outpost | Trojan.Inject | 7.1.1 |
| avast! | Win32:Broban-AR [Trj] | 2014.9-160509 |
| AVG | Downloader.MSIL | 2017.0.2749 |
| Baidu Antivirus | Adware.MSIL.iBryte | 4.0.3.1659 |
| Bitdefender | Trojan.GenericKD.2295841 | 1.0.20.650 |
| Emsisoft Anti-Malware | Trojan.GenericKD.2295841 | 8.16.05.09.06 |
| ESET NOD32 | MSIL/Kryptik.BRU (variant) | 10.11599 |
| Fortinet FortiGate | MSIL/Kryptik.BRU!tr | 5/9/2016 |
| F-Secure | Trojan.GenericKD.2295841 | 11.2016-09-05_2 |
| G Data | Trojan.GenericKD.2295841 | 16.5.25 |
| IKARUS anti.virus | Trojan.Win32.Injector | t3scan.1.8.9.0 |
| K7 AntiVirus | Trojan | 13.203.15849 |
| Kaspersky | Trojan.MSIL.Inject | 14.0.0.239 |
| Malwarebytes | Trojan.Stealer.DHA | v2016.05.09.06 |
| McAfee | RDN/Generic.dx!dqt | 5600.6405 |
| MicroWorld eScan | Trojan.GenericKD.2295841 | 17.0.0.390 |
| NANO AntiVirus | Trojan.Win32.Inject.dqyfzx | 0.30.24.1357 |
| nProtect | Trojan.GenericKD.2295841 | 15.05.08.01 |
| Panda Antivirus | Trj/CI.A | 16.05.09.06 |
| Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1015 |
| Quick Heal | Trojan.MSI.r3 | 5.16.14.00 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_BROBAN.SMLO | 7.2.130 |
| Trend Micro | TROJ_GEN.R02KC0EDL15 | 10.465.09 |
| VIPRE Antivirus | Trojan.Win32.Generic | 40074 |

File size:
744 KB (761,872 bytes)

Product version:
4.0.0.0

Copyright:
Copyright pSYKJkCk © 2015

Original file name:
pSYKJkCk.exe

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\image14042015.scr

Digital Signature
Signed by:

Authority:
getaCert - www.getacert.com

Valid from:
4/12/2015 9:19:44 AM

Valid to:
6/11/2015 9:19:44 AM

Subject:
E=support@msdkk.com, CN=Wonderwall, OU=Deilm, O=Kapa, L=Caimen, S=Ilsend, C=US

Issuer:
O=getaCert - www.getacert.com, L=Seattle, S=Washington, C=US

Serial number:
0E8E

File PE Metadata
Compilation timestamp:
4/13/2015 2:48:59 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:IYwbYLcZn0Y1hRNRW9fxysuqexNjEyPXRmjZ7RMHN4gWGb9lZbTKO2UqYk9O:/wKc9/AUDx1P60WO

Entry address:
0xB217E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy:
7.3816

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
704.5 KB (721,408 bytes)
