kb39731582.exe

Rechnerkomponente7

Daniel Atallah

The executable kb39731582.exe has been detected as malware by 31 anti-virus scanners.

Publisher:
Daniel Atallah  (signed and verified)

Product:
Rechnerkomponente7

Description:
Papptäfelchen5

Version:
0.06.0005

MD5:
6618f7e59a29e69269434a6572fc6d7b

SHA-1:
b5875c195f57f74b046ea793648fea2db3de4709

SHA-256:
6ba7c75048951465c834acb303e76d43a2ef41d1b28ff45e4f43d22c2ccc6dba

Scanner detections:
31 / 68

Status:
Malware

Analysis date:
12/25/2024 5:33:17 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Symmi.48487 | 261 |
| AhnLab V3 Security | Trojan/Win32.Foreign | 2015.07.10 |
| Avira AntiVirus | TR/Dropper.VB.22703 | 8.3.1.6 |
| Arcabit | Trojan.Symmi.DBD67 | 1.0.0.425 |
| avast! | Win32:Malware-gen | 2014.9-160518 |
| AVG | Inject2 | 2017.0.2739 |
| Baidu Antivirus | Trojan.Win32.Injector | 4.0.3.16518 |
| Bitdefender | Gen:Variant.Symmi.48487 | 1.0.20.695 |
| Comodo Security | UnclassifiedMalware | 22715 |
| Dr.Web | Trojan.KillFiles.17261 | 9.0.1.0139 |
| Emsisoft Anti-Malware | Gen:Variant.Symmi.48487 | 8.16.05.18.06 |
| ESET NOD32 | Win32/Injector.BQAW (variant) | 10.11917 |
| Fortinet FortiGate | W32/Agent.AAPDL!tr.dldr | 5/18/2016 |
| F-Secure | Gen:Variant.Symmi.48487 | 11.2016-18-05_4 |
| G Data | Gen:Variant.Symmi.48487 | 16.5.25 |
| IKARUS anti.virus | Trojan.SuspectCRC | t3scan.1.9.5.0 |
| K7 AntiVirus | Trojan | 13.205.16517 |
| Kaspersky | Trojan-Downloader.Win32.Agent | 14.0.0.191 |
| Malwarebytes | Trojan.EDVBGen | v2016.05.18.06 |
| McAfee | Trojan-FFMD!6618F7E59A29 | 5600.6395 |
| Microsoft Security Essentials | TrojanDownloader:Win32/Banload.BAX | 1.1.11804.0 |
| MicroWorld eScan | Gen:Variant.Symmi.48487 | 17.0.0.417 |
| NANO AntiVirus | Trojan.Win32.Agent.djpilv | 0.30.24.2487 |
| Panda Antivirus | Trj/Chgt.N | 16.05.18.06 |
| Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1015 |
| Quick Heal | VirTool.VBInject.LE3 | 5.16.14.00 |
| Rising Antivirus | PE:Trojan.Win32.Generic.17C75627!398939687 | 23.00.65.16516 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_SPNR.1BL414 | 7.2.139 |
| Trend Micro | TROJ_SPNR.1BL414 | 10.465.18 |
| VIPRE Antivirus | Trojan.Win32.Generic | 41866 |

File size:
181.8 KB (186,168 bytes)

Product version:
0.06.0005

Copyright:
Eberfleisch

Trademarks:
Kurzschriftlehrers5

Original file name:
Aufstapelndem Reserveminen.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\kb39731582.exe

Digital Signature

Signed by:

Authority:
StartCom Ltd.

Valid from:
9/19/2012 5:48:58 AM

Valid to:
9/20/2014 7:56:51 PM

Subject:
E=datallah@pidgin.im, CN=Daniel Atallah, L=Holland, S=Michigan, C=US, Description=FWg32Q3ZaA4V01lM

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
075E

File PE Metadata

Compilation timestamp:
11/24/2014 12:09:58 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:xdHGdEdus7rJvlCsfO2QoWLbmPoCcu2dH1wrS5jpcp0jp5YlYE:zEEMsJvlC4OvbLbMRZ0tup6ouE

Entry address:
0x10E4

Entry point:
68, 5C, EA, 41, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, AD, 28, 4C, 5E, 7F, 92, 54, 4B, 88, A5, 1B, C2, 8F, DE, 9E, 40, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 0D, 0A, 43, 61, 70, 74, 42, 69, 65, 72, 6B, 61, 73, 74, 65, 6E, 73, 00, 20, 20, 20, 20, 00, 00, 00, 00, FF, CC, 31, 00, 09, 92, 31, E1, CC, 77, 8C, F1, 46, 84, 5E, 67, B6, BA, 70, 23, 65, F1, FC, C3, F7, 13, 5C, C6, 44, 86, 96, 8E, 56, 22, 3A, 23, D4, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
160 KB (163,840 bytes)
