keygen-fff.exe

The application keygen-fff.exe has been detected as a potentially unwanted program by 21 anti-malware scanners. This is a setup program which is used to install the application. This file is typically installed with the program Kerio VPN Client by Kerio Technologies Inc..
MD5:
17005b74506003c4b28e6b9206c63444

SHA-1:
f7d1505557ea13416e9fbf941a8c15d0aa178fa5

SHA-256:
ff365d59bcb3e87325b9a598a8ce85863a2193ccbdd708c69f4401c794281e24

Scanner detections:
21 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 1:51:31 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Riskware.Keygen
7.1.1

AhnLab V3 Security
Backdoor/Win32.Graybird
2014.01.06

AVG
Dropper.Generic8
2015.0.3603

Bkav FE
HW32.CDB
1.3.0.4613

Clam AntiVirus
Win.Trojan.Keygen-463
0.98/21230

Comodo Security
UnclassifiedMalware
17561

Emsisoft Anti-Malware
Riskware.Win32.Keygen
11.5.0.6191

ESET NOD32
Win32/Keygen.AI potentially unsafe application
7.0.302.0

Fortinet FortiGate
W32/KeyGen.M
12/22/2013

IKARUS anti.virus
not-a-virus:Keygen.WinRAR
t3scan.2.2.29

K7 AntiVirus
Riskware
13.175.10735

McAfee
BackDoor-AWQ!ei
5600.7274

Norman
Hacktool.A!genr
11.20131222

Panda Antivirus
Generic Malware
13.12.22.01

Quick Heal
PACKER_UPX.Backdoor.Graybird
12.13.12.00

Reason Heuristics
Unnamed.Threat.46
14.3.2.16

Rising Antivirus
PE:Trojan.Win32.Generic.12DA817A!316309882
23.00.65.131220

Sophos
PUA 'Keygen' (of type Hacktool)
5.22

Trend Micro House Call
TROJ_SPNR.08EK12
7.2.356

Trend Micro
TROJ_SPNR.08EK12
10.465.22

VIPRE Antivirus
Trojan.Win32.Generic
25136

File size:
215.5 KB (220,672 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\keygen\keygen-fff.exe

File PE Metadata
Compilation timestamp:
5/6/2012 2:10:24 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:dMUIV12o+oc8sNFH7t+TeWZxyLdT0xXrs3wsQ:dM1Eoc8sj70Tzx6dT0xXg3

Entry address:
0x94CE

Entry point:
B8, E4, 78, 45, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 3A, 24, B0, 89, 10, 50, 99, C4, 36, 40, 54, 19, FC, 6A, 45, F0, BA, 0C, E1, 5E, 87, 0B, 14, F2, 0F, 00, 13, CA, DA, AC, 83, 63, 9F, 3B, 8A, 0B, B8, C9, 85, FB, 1F, BA, 4E, 53, DB, 72, 59, 80, 38, CA, 23, 78, 93, A0, 1A, EE, 6E, E9, 27, 72, 14, 70, C1, 24, 28, DD, 0A, 5D, A3, D6, 05, 85, 51, 28, 0D, DC, 70, E1, 35, 58, 8F, 85, 32, 97, 1A, F0, 06, 52, 0D, E4, E6, 58, 31...
 
[+]

Entropy:
7.9890

Packer / compiler:
PECompact v2

Code size:
83.5 KB (85,504 bytes)

The file keygen-fff.exe has been discovered within the following program.

Kerio VPN Client  by Kerio Technologies Inc.
Publisher's description - “Kerio VPN Client is an UTM firewall designed to protect medium and small businesses from a comprehensive range of invasive and crippling corporate network threats.”
www.kerio.com/support
About 8% of users remove it
 
Powered by Should I Remove It?

The file keygen-fff.exe has been seen being distributed by the following 18 URLs.

ftp://ftp.pgu.ac.ir/Utility/winrar.5.01.final/winrar.5.01.final.x86/KeyGen/.../KeyGen.exe

http://api2.tenlua.vn/filemanager/builddownload/.../?hash=577cef76e35a34031d3a6b2336aa73883034f382f512eb0fe72e8d69c4545316622079f8e76d2fb11522f9f00d2e0c53443212dfbaf54e65765cc349f481da9fc59df587c94897f7f9213e1afb148662dc098325aa530773981833b75c3807c0f83da4012e485baeca9ca5463258ab1e84298d1a5b15217d0d6a6d9581ebf538e99a02233061fa956932&url=0b3da36fa30172185e30306174fd75853636b390ad53eb4da0&down=0b3da36fa30172185e30306174fd75853636b390ad53fc55a0&jump_type=download&file=sinhvienit.net-keygen-winrar.exe

http://api2.tenlua.vn/filemanager/builddownload/.../?hash=1639ef72b20c3000186f393c67af74d03021f08ba80ef40ffe3dcf62cd43110f622079f8e76d2fb11522f9f00d2e0c53443212dfbaf54e65765cc349f481da9fc59df587c94897f7f9213e1afb148662dc098325aa530773981833b75c3807c0f83da4012e485baeca9ca5463258ab1e84298d1a5b15217d0d6a6d9581ebf538e99a02233061fa956932&url=0b3da36fa30172185e30306174fd75853636b390ad53eb4da0&down=0b3da36fa30172185e30306174fd75853636b390ad53fc55a0&jump_type=download&file=sinhvienit.net-keygen-winrar.exe

http://api2.tenlua.vn/filemanager/builddownload/.../?hash=1028a42ea14d64055b716f216ba97adf203aee97a144eb4afa2b8d3bc04a4a4e622079f8e76d2fb11522f9f00d2e0c53443212dfbaf54e65765cc349f481da9fc59df587c94897f7f9213e1afb148662dc098325aa530773981833b75c3807c0f83da4012e485baeca9ca5463258ab1e84298d1a5b15217d0d6a6d9581ebf538e99a02233061fa956932&url=0b3da36fa30172185e30306174fd75853636b390ad53eb4da0&down=0b3da36fa30172185e30306174fd75853636b390ad53fc55a0&jump_type=download&file=sinhvienit.net-keygen-winrar.exe

http://api2.tenlua.vn/filemanager/builddownload/.../?hash=132fa129e9522f565c6a632b76f57c8f263ff897ad16f400fe6bc97f9f16511d622079f8e76d2fb11522f9f00d2e0c53443212dfbaf54e65765cc349f481da9fc59df587c94897f7f9213e1afb148662dc098325aa530773981833b75c3807c0f83da4012e485baeca9ca5463258ab1e84298d1a5b15217d0d6a6d9581ebf538e99a02233061fa956932&url=0b3da36fa30172185e30306174fd75853636b390ad53eb4da0&down=0b3da36fa30172185e30306174fd75853636b390ad53fc55a0&jump_type=download&file=sinhvienit.net-keygen-winrar.exe

http://api2.tenlua.vn/filemanager/builddownload/.../?hash=5321ef6ba4526c50486535276aac2d8b7065af82a712ea0ee731903ac44c4715622079f8e76d2fb11522f9f00d2e0c53443212dfbaf54e65765cc349f481da9fc59df587c94897f7f9213e1afb148662dc098325aa530773981833b75c3807c0f83da4012e485baeca9ca5463258ab1e84298d1a5b15217d0d6a6d9581ebf538e99a02233061fa956932&url=0b3da36fa30172185e30306174fd75853636b390ad53eb4dee2a8862c5410f&down=0b3da36fa30172185e30306174fd75853636b390ad53fc56f8369064ca4249102d25&jump_type=download

http://api2.tenlua.vn/filemanager/builddownload/.../?hash=0e79b06be34b68554c67393f34fd7f832d3af1d2a048ec5abd6e8e7ac8404f0c622079f8e76d2fb11522f9f00d2e0c53443212dfbaf54e65765cc349f481da9fc59df587c94897f7f9213e1afb148662dc098325aa530773981833b75c3807c0f83da4012e485baeca9ca5463258ab1e84298d1a5b15217d0d6a6d9581ebf538e99a02233061fa956932&url=0b3da36fa30172185e30306174fd75853636b390ad53eb4da0&down=0b3da36fa30172185e30306174fd75853636b390ad53fc55a0&jump_type=download&file=sinhvienit.net-keygen-winrar.exe

http://api2.tenlua.vn/filemanager/builddownload/.../?hash=012cb62bbe5e3c521531723d30eb239f3064f58fa00fa157bc39ca789e15454b622079f8e76d2fb11522f9f00d2e0c53443212dfbaf54e65765cc349f481da9fc59df587c94897f7f9213e1afb148662dc098325aa530773981833b75c3807c0f83da4012e485baeca9ca5463258ab1e84298d1a5b15217d0d6a6d9581ebf538e99a02233061fa956932&url=0b3da36fa30172185e30306174fd75853636b390ad53eb4da0&down=0b3da36fa30172185e30306174fd75853636b390ad53fc55a0&jump_type=download&file=sinhvienit.net-keygen-winrar.exe

http://api2.tenlua.vn/filemanager/builddownload/.../?hash=0b7fb86db75d335b5e30393d61fc2cde2c3ef3deb644fd5bea6f8a63c2554f1c622079f8e76d2fb11522f9f00d2e0c53443212dfbaf54e65765cc349f481da9fc59df587c94897f7f9213e1afb148662dc098325aa530773981833b75c3807c0f83da4012e485baeca9ca5463258ab1e84298d1a5b15217d0d6a6d9581ebf538e99a02233061fa956932&url=0b3da36fa30172185e30306174fd75853636b390ad53eb4da0&down=0b3da36fa30172185e30306174fd75853636b390ad53fc55a0&jump_type=download&file=sinhvienit.net-keygen-winrar.exe

ftp://10.177.56.20/03 - Software/NEN CO/.../KEYGEN-Winrar.exe

ftp://ftp.ilam.ac.ir/Zipper/winrar.5.21.Final.x86/.../KEYGEN-FFF.exe

http://api2.tenlua.vn/filemanager/builddownload/.../?hash=5a7bb42db8553700193a652a76eb7a9c3738f8d0a44af45ebd6fcd3b9d53124b622079f8e76d2fb11522f9f00d2e0c53443212dfbaf54e65765cc349f481da9fc59df587c94897f7f9213e1afb148662dc098325aa530773981833b75c3807c0f83da4012e485baeca9ca5463258ab1e84298d1a5b15217d0d6a6d9581ebf538e99a02233061fa956932&url=0b3da36fa30172185e30306174fd75853636b390ad53eb4da0&down=0b3da36fa30172185e30306174fd75853636b390ad53fc55a0&jump_type=download&file=sinhvienit.net-keygen-winrar.exe

temp:KEYGEN-FFF.exe

about:internet

Remove keygen-fff.exe - Powered by Reason Core Security