jaotiay.exe

The executable jaotiay.exe has been detected as malware by 3 anti-virus scanners. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘jaotiay’.
MD5:
60fdc988a2065f754f8c144825d02372

SHA-1:
53fcdd1dfed50d19324b0c1b5487e995b947a883

SHA-256:
8bf813458d29eea272e1ee1fdf634b0d57866e9b27b27e41aa8e2d1764e774fd

Scanner detections:
3 / 68

Status:
File is infected by a Virus

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
4/1/2025 8:16:21 PM UTC  (today)

Scan engine    Detection               Engine version
ESET NOD32     Win32/Floxif.H virus    6.3.12010.0
F-Prot         W32/Floxif.B            4.6.5.141
F-Secure       Win32.Floxif.A          5.16.24

File size:
239.6 KB (245,328 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\aldmir\yaitoaj\jaotiay.exe

File PE Metadata
Compilation timestamp:
8/10/2014 11:38:19 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x110C

Entry point:
E9, 00, 63, 00, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 38, 00, 00, 00, 00, 00, 00, 00, 6E, 87, 35, DE, E8, 7A, BD, 40, 86, 9C, AE, F8, 62, CF, 8E, 2C, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 54, 69, 70, 20, 0D, 0A, 61, 68, 6A, 6C, 6F, 6B, 00, 61, 00, 00, 00, 00, 07, 00, 00, 00, 54, 40, 40, 00, 07, 00, 00, 00, 04, 40, 40, 00, 07, 00, 00, 00, C0, 3F, 40, 00, 07, 00, 00, 00, 04, 3F, 40, 00, 07, 00, 00, 00, B8, 37, 40, 00, 07, 00, 00, 00, 64, 37, 40, 00, 07, 00, 00, 00, 20, 37, 40, 00...
 

Packer / compiler:
Xtreme-Protector v1.05

Code size:
56 KB (57,344 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
jaotiay

Command:
C:\users\aldmir\yaitoaj\jaotiay.exe \s

