home

keygen.exe

The application keygen.exe has been detected as a potentially unwanted program by 16 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from originaldll.com and multiple other hosts.
MD5:
d55adcae2aa860f504999a3df0f31e65

SHA-1:
e659ad26123a07adf55befeb073524d34132ca57

SHA-256:
6aa0987b57bc1801b47eec493b637b06b87621fbb376a131837c2dd35db10c6c

Scanner detections:
16 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 4:32:27 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/FSG
7.1.1

Avira AntiVirus
TR/Renaz.78421
7.11.138.176

Bkav FE
HW32.Nonim
1.3.0.4959

Fortinet FortiGate
W32/MULP.AR!tr
4/18/2014

F-Prot
W32/Heuristic-210
v6.4.7.1.166

IKARUS anti.virus
not-a-virus.Keygen.NfS
t3scan.2.2.29

K7 AntiVirus
Trojan
13.176.11540

NANO AntiVirus
Trojan.Win32.Renaz.vchnv
0.28.0.58491

Norman
Suspicious_Gen.HNSU
11.20140418

nProtect
Trojan/W32.Packed.78421
14.03.24.01

Quick Heal
(Suspicious) - DNAScan
4.14.12.00

Sophos
Mal/Packer
4.98

Trend Micro House Call
CRCK_KEYGEN
7.2.108

Trend Micro
CRCK_KEYGEN
10.465.18

Vba32 AntiVirus
Trojan.Genome.gt
3.12.24.3

VIPRE Antivirus
Trojan.Win32.Generic
27702

File size:
76.6 KB (78,421 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
9/22/1987 11:39:16 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

CTPH (ssdeep):
1536:05FuZe4Lll7regDIEQY/XLDlhSyGXl9hcD9Vd9D0acX4e:05FuZe4LD7reEIEQYTDy5XKD9V/Hs4e

Entry address:
0x154

Entry point:
4D, 5A, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 50, 45, 00, 00, 4C, 01, 02, 00, 44, 45, 56, 21, 00, 00, 00, 00, 00, 00, 00, 00, E0, 00, 0F, 01, 0B, 01, 00, 00, 00, 70, 00, 00, 00, D0, 03, 00, 00, 00, 00, 00, 54, 01, 00, 00, 00, 10, 00, 00, 0C, 00, 00, 00, 00, 00, 40, 00, 00, 10, 00, 00, 00, 02, 00, 00, 04, 00, 00, 00, 00, 00, 00, 00, 04, 00, 00, 00, 00, 00, 00, 00, 00, A0, 05, 00, 00, 02, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 00, 00, 10, 00, 00, 10, 00, 00, 00, 00, 10, 00, 00, 10, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9026  (probably packed)

Code size:
28 KB (28,672 bytes)

The file keygen.exe has been seen being distributed by the following 2 URLs.

http://originaldll.com/.../36240.exe

http://dc614.4shared.com/download/.../keygen.exe

Remove keygen.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.