keygen.exe

TODO:

TODO: <Company name>

Publisher:
TODO:

Product:
TODO: <Product name>

Description:
TODO: <File description>

Version:
1.0.0.1

MD5:
a9a9a345878cecf11ce22cef720b426b

SHA-1:
6e062b5e1ef6601535da8c87889be74b3213dd4f

SHA-256:
16bcfd27bac180c32aa6177fb079a16572003bc31a95fc42400b267231bc547d

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
11/27/2024 7:37:55 AM UTC

Scan engine | Detection | Engine version
Bkav FE | W32.Clod18c.Trojan | 1.3.0.4959
ViRobot | Trojan.Win32.A.Gena.95744[h] | 2014.3.20.0

File size:
93.5 KB (95,744 bytes)

Product version:
1.0.0.1

Copyright:
TODO: (c) <Company name>. All rights reserved.

Original file name:
Mathematica_09.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\wolfram research\keygen\keygen.exe

File PE Metadata
Compilation timestamp:
12/19/2012 1:18:52 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
1536:mw4DSmW0qJhQgZomzSDO+CaJ/8k8DT2oiuGo4bD7zjjMZfAWG7JpLMxCA4Gn:mw4DSmWTDfZJuDO+d2ljy3zjm

Entry address:
0x5E5B

Entry point:
E8, D1, 03, 00, 00, E9, 4D, FE, FF, FF, 3B, 0D, 78, A0, 40, 00, 75, 02, F3, C3, E9, 85, 05, 00, 00, 83, 3D, B4, A9, 40, 00, 00, 74, 03, 33, C0, C3, 56, 6A, 04, 6A, 20, FF, 15, FC, 70, 40, 00, 59, 59, 8B, F0, 56, FF, 15, 0C, 70, 40, 00, A3, B4, A9, 40, 00, A3, B0, A9, 40, 00, 85, F6, 75, 05, 6A, 18, 58, 5E, C3, 83, 26, 00, 33, C0, 5E, C3, 6A, 14, 68, C8, 83, 40, 00, E8, 84, 04, 00, 00, FF, 35, B4, A9, 40, 00, 8B, 35, 10, 70, 40, 00, FF, D6, 89, 45, E4, 83, F8, FF, 75, 0C, FF, 75, 08, FF, 15, F4, 70, 40, 00...
 

Entropy:
5.2597

Code size:
23 KB (23,552 bytes)

The file keygen.exe has been seen being distributed by the following 7 URLs.


Scan keygen.exe - Powered by Reason Core Security