» keygen.exe
Overview
Analysis
File Details
Downloads (12)

keygen.exe

The application keygen.exe has been detected as a potentially unwanted program by 22 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from s7515.chomikuj.pl and multiple other hosts.

File name:

keygen.exe

MD5:

a8d6539db29516ef5743b2d10d5ac502

SHA-1:

d1bd1492c65e92bd782b490caf09782be2264c3a

SHA-256:

f3cdbd3fe3fe84b899b3cda4842bddec4ffc1c1f3d755999ce6fcbd67e69fcf6

Scanner detections:

22 / 68

Status:

Potentially unwanted

Analysis date:

11/17/2024 6:55:18 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Riskware.Keygen

7.1.1

AhnLab V3 Security

Unwanted/Win32.HackTool

2014.01.24

Avira AntiVirus

SPR/Tool.Keygen.2704

7.11.126.180

AVG

Crack

2015.0.3584

Bkav FE

W32.Clodf10.Trojan

1.3.0.4923

Comodo Security

UnclassifiedMalware

17661

ESET NOD32

Win32/Keygen.HU potentially unsafe application

6.3.12010.0

Fortinet FortiGate

W32/KeyGen.V

1/24/2014

IKARUS anti.virus

Backdoor.Win32.IRCBot

t3scan.2.2.29

Malwarebytes

RiskWare.Tool.HCK

v2014.01.24.06

McAfee

Artemis!A8D6539DB295

5600.7240

Microsoft Security Essentials

HackTool:Win32/Keygen

1.237.393.0

NANO AntiVirus

Trojan.Win32.Keygen.bazkpu

0.28.0.57380

Panda Antivirus

Trj/OCJ.A

14.01.24.06

Quick Heal

HackTool.Keygen (Not a Virus)

1.14.12.00

Reason Heuristics

Unnamed.Threat.38

14.2.23.10

Rising Antivirus

PE:Trojan.Win32.Generic.1330F232!321974834

23.00.65.14122

Sophos

Mal/KeyGen-V

4.97

Trend Micro House Call

TROJ_SPNR.08KL13

7.2.24

Trend Micro

TROJ_SPNR.08J412

10.465.24

VIPRE Antivirus

Trojan.Win32.Generic.pak!cobra

25724

ViRobot

JS.A.Iframe.1889280

2011.4.7.4223

File size:

1.8 MB (1,889,280 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\sony\vegas pro 11.0\keygen.exe

File PE Metadata

Compilation timestamp:

10/2/2012 10:42:16 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:D7pu0+8on5L63sFoQtK86etjA9pkQ5s+tmn22:D7pOz5+3sFS83N+CpV

Entry address:

0x2B308

Entry point:

B8, C4, A6, 61, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 0E, 2E, 56, D4, 08, 89, B8, D2, 1B, A9, 58, 75, 8D, FC, 12, 42, 28, C8, 59, 70, 51, 18, B9, 58, C8, 6D, 72, C7, EB, 64, 23, 79, D2, 5F, 64, 12, 8E, 5A, 5C, FC, CA, F9, 24, 93, 21, 66, D4, 71, 6C, C8, 2C, 77, 2B, 5F, DA, A2, 6C, A7, EF, 89, 8A, 8A, 26, 52, A9, 9D, D5, 82, 8D, 34, B6, B2, E6, 1B, 40, 09, 79, E8, E4, F9, 2F, 58, 2C, 6E, 49, B4, 24, 33, EF, 37, B0, E6, 30... 
[+]

Entropy:

7.9994

Packer / compiler:

PECompact v2

Code size:

166.5 KB (170,496 bytes)

The file keygen.exe has been seen being distributed by the following 12 URLs.

http://s7515.chomikuj.pl/File.aspx?e=D99Y_9_oHOf5qo3PO4fhyTwAcGoOsClgQesNCjVQhHi9Cza7uTwhCfXL2GNiROx534Z-6Yen6NN9Vzm-AdoHvGouLe5c5JnrJkwYsW9CqdwhVr2FqRKjSR4u15nSIkEYJGkxFpVKzjXAQzqVpjr62Q&pv=2

temp:Keygen-1.exe

temp:Keygen.exe

http://s7515.chomikuj.pl/File.aspx?e=D99Y_9_oHOf5qo3PO4fhyTwAcGoOsClgQesNCjVQhHjYW79iXT6UyS43eGAMASSSzGxgaNaX_Q_qO-d_VerChuAEvY2PqVG0O6Thbc-aR32UIGGHr02ITvE4lpunc-tYovR9vISiIbXGeKGVfviz2w&pv=2

http://s7515.chomikuj.pl/File.aspx?e=D99Y_9_oHOf5qo3PO4fhyf_BbhI9NT77j-D0E3HcQ8lQVBJBQIk9cd6fZ231hSDAtQbNlzkb2EPLUhy79WlPRPWT-IWqZ8KgE8_iM-p1GhDGsSOb2fJoeBvGuqpKcfxg5tug2naY5JtJyCmd0EFebQ&pv=2

http://s7515.chomikuj.pl/File.aspx?e=D99Y_9_oHOf5qo3PO4fhyf_BbhI9NT77j-D0E3HcQ8kQTtHy0rB3IWcqByeFysVaIzfLGN1wMYlT2aPmyNydSTIu3J23-cZBcl7QnC6UuIPtpMTm9dXV4FPwu-9-4Rt-8nxkVNvyKQ0OWPv6uQjKaw&pv=2

http://s7515.chomikuj.pl/File.aspx?e=D99Y_9_oHOf5qo3PO4fhyf_BbhI9NT77j-D0E3HcQ8ngGpbWimdfMHMFWk_I6MJHhBAwjOW1Lf6ljMuWMcL3DJ5V5z8TD-E8i1EI5uAYspYDR6ItXtqNbCe1Xr1jZFk9rrWi1GJrw7ubcHMSg1YVGg&pv=2

http://www37.zippyshare.com/d/35866326/.../Keygen.exe

http://s7515.chomikuj.pl/File.aspx?e=D99Y_9_oHOf5qo3PO4fhyWAkRW2IhPCFWKQlP1T3VjJ0NrbCTH64v9d3BLD2UmJb1N36rpRl5dklU36ZmVPiDWcYFvoY8gCl-W_HrlAbDW_aYNO0c2jMiu4HpQbx8zN_2ke-rp8t22EThCZe3-JwqkdGo0PfHlyTrKsFlqlPjXM&pv=2

http://s7515.chomikuj.pl/File.aspx?e=D99Y_9_oHOf5qo3PO4fhyf_BbhI9NT77j-D0E3HcQ8kzYoxV8KJGPOH5o_wm0rJs5afWBuEuOvF1luTNPDrt6lYsdsznjWv-GnBAi9EiQ3HyIWclfuuCWsxOUDhhP99EjPZgq66C8bQazyvUMGO6hQ&pv=2

http://www12.file-upload.net/.../49hvtwhtn2i6.exe&origname=Vegas-Pro-12-Keygen-by-MatiCoTuts.exe&valid=75358981940

http://www.file-upload.net/download.php?valid=479.85883070384&id=6880211&name=Vegas-Pro-12-Keygen-by-MatiCoTuts.exe

Remove keygen.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.