img_02112014.scr

lCsRLSwJ

Dinosaur

The file img_02112014.scr by Dinosaur has been detected as a potentially unwanted program by 29 anti-malware scanners.
Publisher:
Dinosaur  (signed and verified)

Product:
lCsRLSwJ

Version:
4.2.2.5

MD5:
8afc2c1555afe4c96a73a061e585c202

SHA-1:
17f20c91c4d4a8f4e556db32b67b2a8bf944949a

SHA-256:
deaa2ca8c2e21b162533b746253f8df0d2235c11643c2fc35afce0793c199771

Scanner detections:
29 / 68

Status:
Potentially unwanted

Analysis date:
11/8/2024 12:52:52 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKDZ.27682 | 180 |
| Agnitum Outpost | Trojan.Kryptik | 7.1.1 |
| Avira AntiVirus | TR/Krypt.636944 | 8.3.2.2 |
| Arcabit | Trojan.Generic.D6C22 | 1.0.0.585 |
| avast! | Win32:Broban-AR [Trj] | 2014.9-160808 |
| AVG | MSIL7 | 2017.0.2658 |
| Baidu Antivirus | Adware.MSIL.iBryte | 4.0.3.1688 |
| Bitdefender | Trojan.GenericKDZ.27682 | 1.0.20.1105 |
| Dr.Web | Trojan.PWS.Steam.1592 | 9.0.1.0221 |
| Emsisoft Anti-Malware | Trojan.MSIL.Kryptik | 8.16.08.08.06 |
| ESET NOD32 | MSIL/Kryptik.BPM (variant) | 10.12467 |
| Fortinet FortiGate | MSIL/Kryptik.BPM!tr | 8/8/2016 |
| F-Secure | Trojan.GenericKDZ.27682 | 11.2016-08-08_2 |
| G Data | Trojan.GenericKDZ.27682 | 16.8.25 |
| IKARUS anti.virus | Trojan.MSIL.Crypt | t3scan.1.9.5.0 |
| K7 AntiVirus | Trojan | 13.212.17655 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.-216 |
| Malwarebytes | Trojan.Steam.DHA | v2016.08.08.06 |
| McAfee | RDN/Generic.dx!dpm | 5600.6314 |
| MicroWorld eScan | Trojan.GenericKDZ.27682 | 17.0.0.663 |
| NANO AntiVirus | Trojan.Win32.Steam.dqgwsz | 0.30.26.3947 |
| nProtect | Trojan.GenericKDZ.27682 | 15.10.26.01 |
| Panda Antivirus | Trj/CI.A | 16.08.08.06 |
| Quick Heal | Trojan.MSI.r3 | 8.16.14.00 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro | TROJ_GEN.R06AC0EDC15 | 10.465.08 |
| VIPRE Antivirus | Trojan.Win32.Generic | 44830 |
| ViRobot | Trojan.Win32.S.MSILAgent.636944[h] | 2014.3.20.0 |
| Zillya! Antivirus | Trojan.Inject.Win32.166807 | 2.0.0.2476 |

File size:
622 KB (636,944 bytes)

Product version:
4.2.2.5

Copyright:
Copyright lCsRLSwJ © 2015

Original file name:
lCsRLSwJ.exe

Common path:
C:\users\{user}\downloads\img_02112014.scr

Digital Signature
Signed by:

Authority:
getaCert - www.getacert.com

Valid from:
4/2/2015 8:58:13 AM

Valid to:
6/1/2015 8:58:13 AM

Subject:
E=LOL@run.away, CN=Melaldon, OU=Carnivore, O=Dinosaur, L=Cali, S=Pandora, C=NL

Issuer:
O=getaCert - www.getacert.com, L=Seattle, S=Washington, C=US

Serial number:
0DF6

File PE Metadata
Compilation timestamp:
4/4/2015 9:30:23 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:fuudB5ed6fNF/wrqwNjNB3yi7FAS5wCxelKwFIvJfo/07X58jK9d/qJdF2gGvdu9:ffU0wTP3yMq/akJdF2gIduJ3L

Entry address:
0x770FE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
468.5 KB (479,744 bytes)
