img_11042015.scr.exe

sPLUQlzW

Steak House

The executable img_11042015.scr.exe has been detected as malware by 24 anti-virus scanners.
Publisher:
Steak House  (signed and verified)

Product:
sPLUQlzW

Version:
3.8.0.4

MD5:
e6d3c5cd1651ec43e3938b0a86afd6f5

SHA-1:
413b25dce1c3095cbbc4bb4458be4da2f62f3a2c

SHA-256:
89eb45837495291d8aa260a89bbb6317a3d3be20d41d3cc0d11e6b0d74980e0e

Scanner detections:
24 / 68

Status:
Malware

Analysis date:
12/28/2024 2:23:16 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.GenericKD.2291337
333

Agnitum Outpost
Trojan.Inject
7.1.1

AhnLab V3 Security
Win-Trojan/MDA.630F094C
2015.05.01

avast!
Win32:Broban-AR [Trj]
2014.9-160308

AVG
Dlder
2017.0.2811

Baidu Antivirus
Trojan.MSIL.Inject
4.0.3.1638

Bitdefender
Trojan.GenericKD.2291337
1.0.20.340

Emsisoft Anti-Malware
Trojan.GenericKD.2291337
8.16.03.08.06

ESET NOD32
MSIL/Kryptik.BRU (variant)
10.11557

Fortinet FortiGate
MSIL/JBP!tr
3/8/2016

F-Secure
Trojan.GenericKD.2291337
11.2016-08-03_3

G Data
Trojan.GenericKD.2291337
16.3.25

IKARUS anti.virus
Trojan.MSIL.Injector
t3scan.1.8.9.0

K7 AntiVirus
Trojan
13.203.15761

Kaspersky
Trojan.MSIL.Inject
14.0.0.549

McAfee
Artemis!E6D3C5CD1651
5600.6467

MicroWorld eScan
Trojan.GenericKD.2291337
17.0.0.204

nProtect
Trojan.GenericKD.2291337
15.04.30.01

Panda Antivirus
Trj/CI.A
16.03.08.06

Sophos
Mal/Generic-S
4.98

Trend Micro House Call
TROJ_GEN.R08NC0EDO15
7.2.68

Trend Micro
TROJ_GEN.R08NC0EDO15
10.465.08

Vba32 AntiVirus
TScope.Trojan.MSIL
3.12.26.3

VIPRE Antivirus
Trojan.Win32.Generic
39816

File size:
688.5 KB (704,976 bytes)

Product version:
3.8.0.4

Copyright:
Copyright sPLUQlzW © 2015

Original file name:
sPLUQlzW.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\img_11042015.scr.exe

Digital Signature
Signed by:

Authority:
getaCert - www.getacert.com

Valid from:
4/7/2015 9:30:17 PM

Valid to:
6/6/2015 9:30:17 PM

Subject:
CN=Steak House, L=Cali, S=California, C=GB

Issuer:
O=getaCert - www.getacert.com, L=Seattle, S=Washington, C=US

Serial number:
0E3B

File PE Metadata
Compilation timestamp:
4/11/2015 1:27:58 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:qYcTwF9moJKldFeUEi4XKfiUJZIWvxb2UyePNaOiaTUm2Uy1CM8LLY/MWxlSxJhA:LRy7eD5X9UJZIWpyfePNFlUUWpH

Entry address:
0xA350E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
645.5 KB (660,992 bytes)

Remove img_11042015.scr.exe - Powered by Reason Core Security