» keygen.exe
Overview
Analysis
File Details
Downloads (1)

keygen.exe

The application keygen.exe has been detected as a potentially unwanted program by 20 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from srv1.sendfile.es.

File name:

keygen.exe

MD5:

fe2fa492c4e7f833366b88c22c545561

SHA-1:

2181d3364bf0fa6f946d493e91cfb606eafe4bb1

SHA-256:

327df5af086f1d0346a5675c70ada4a711c1e5778d48dc76065b3f092260249e

Scanner detections:

20 / 68

Status:

Potentially unwanted

Analysis date:

12/27/2024 6:56:43 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Riskware.Keygen

7.1.1

AhnLab V3 Security

Win-Trojan/Packed.53957

14.03.22

Avira AntiVirus

TR/Packed.2537

7.11.138.84

AVG

Agent

2015.0.3527

Bkav FE

W32.Clodba9.Trojan

1.3.0.4959

ESET NOD32

Win32/Keygen.AF (variant)

8.9574

F-Prot

W32/Heuristic-210

v6.4.7.1.166

IKARUS anti.virus

not-a-virus.Keygen.Adobe

t3scan.2.2.29

K7 AntiVirus

Trojan

13.176.11524

Malwarebytes

Trojan.Downloader

v2014.03.22.09

McAfee

Generic.dx

5600.7183

Norman

Suspicious_F.E

11.20140322

nProtect

Trojan/W32.Agent.53957

14.03.21.01

Panda Antivirus

Generic Trojan

14.03.22.09

Quick Heal

(Suspicious) - DNAScan

3.14.12.00

Sophos

Troj/LCKeyGen-A

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Skelten

10711

Trend Micro House Call

CRCK_DLORD

7.2.81

Trend Micro

CRCK_DLORD

10.465.22

ViRobot

Spyware.Small.Do.53957

2011.4.7.4223

File size:

52.7 KB (53,957 bytes)

File type:

Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp:

9/11/1987 4:35:02 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

CTPH (ssdeep):

1536:701patm2H4ME1KsQwXliWMltLCxkslLzb6aq:g2HVE1tQqliHLCxk667

Entry address:

0x154

Entry point:

4D, 5A, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 50, 45, 00, 00, 4C, 01, 02, 00, 46, 53, 47, 21, 00, 00, 00, 00, 00, 00, 00, 00, E0, 00, 8F, 81, 0B, 01, 00, 00, 00, 42, 01, 00, 00, 72, 00, 00, 00, 00, 00, 00, 54, 01, 00, 00, 00, 10, 00, 00, 0C, 00, 00, 00, 00, 00, 40, 00, 00, 10, 00, 00, 00, 02, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 03, 00, 0A, 00, 00, 00, 00, 00, 00, 00, 03, 00, 00, 02, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 00, 00, 10, 00, 00, 20, 00, 00, 00, 00, 10, 00, 00, 10, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.7941 (probably packed)

Code size:

80.5 KB (82,432 bytes)

The file keygen.exe has been seen being distributed by the following URL.

http://srv1.sendfile.es/.../589393---mvgb.html

Remove keygen.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.