home

injector by lucas.exe

The application injector by lucas.exe has been detected as a potentially unwanted program by 12 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dc238.4shared.com.
MD5:
bf8ca6ca3214eea1b280926c537a7653

SHA-1:
6bd2d793ab887bc721735091787f517e3d87a4b0

SHA-256:
67ea5f4992e78aeedc157186397e268eef4311fe8a71a27904a2566c71c9ed6f

Scanner detections:
12 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 2:59:16 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Symmi.10420
191

Arcabit
Trojan.Symmi.D28B4
1.0.0.637

avast!
Win32:Malware-gen
2014.9-160728

Bitdefender
Gen:Variant.Symmi.10420
1.0.20.1050

Emsisoft Anti-Malware
Gen:Variant.Symmi.10420
8.16.07.28.05

ESET NOD32
Win32/DllInject.F potentially unsafe (variant)
10.12770

Fortinet FortiGate
Riskware/DllInject
7/28/2016

F-Secure
Gen:Variant.Symmi.10420
11.2016-28-07_5

G Data
Gen:Variant.Symmi.10420
16.7.25

K7 AntiVirus
Unwanted-Program
13.212.18203

McAfee
Artemis!BF8CA6CA3214
5600.6325

MicroWorld eScan
Gen:Variant.Symmi.10420
17.0.0.630

File size:
924.5 KB (946,688 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\injector by lucas.exe

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:ovA7pO4vlpklUwnht4cgSNhDT9dMTbR2uQoAq01Y7gq8tBhlyU:eOg4fk3qaDb+V8oA/tt3

Entry address:
0x6BDF8

Entry point:
55, 8B, EC, 83, C4, F0, B8, F8, BB, 46, 00, E8, 2C, 9E, F9, FF, A1, C4, D9, 46, 00, 8B, 00, E8, C4, A3, FE, FF, 8B, 0D, A8, DA, 46, 00, A1, C4, D9, 46, 00, 8B, 00, 8B, 15, AC, AF, 46, 00, E8, C4, A3, FE, FF, A1, C4, D9, 46, 00, 8B, 00, E8, 38, A4, FE, FF, E8, 1F, 7F, F9, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
428 KB (438,272 bytes)

The file injector by lucas.exe has been seen being distributed by the following URL.

http://dc238.4shared.com/download/.../Injector_By_Lucas.exe

Remove injector by lucas.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.