keygen.exe

The application keygen.exe has been detected as a potentially unwanted program by 43 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from s10008.chomikuj.pl.
MD5:
6f5f9f9238c8d6c88f96b8aee244deb2

SHA-1:
ea28fd76b401e01e87175f05c28e994242b68ba7

SHA-256:
5c5a4e10cb2a7ff2d211b8b8f215f76edc9a9aa0fa3382b4233ec72b2313ee4f

Scanner detections:
43 / 68

Status:
Potentially unwanted

Analysis date:
12/29/2024 2:18:57 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Backdoor.Generic.716228
969

Agnitum Outpost
HackTool.Keygen.DR
7.1.1

AhnLab V3 Security
Win-Trojan/ASD.variant
2014.06.07

Avira AntiVirus
TR/Gendal.269824.H
7.11.153.146

AVG
Generic20
2015.0.3447

Bitdefender
Backdoor.Generic.716228
1.0.20.810

Bkav FE
W32.Clod148.Trojan
1.3.0.4959

Emsisoft Anti-Malware
Backdoor.Generic.716228
8.14.06.11.11

ESET NOD32
Win32/Keygen.AK (variant)
8.9905

Fortinet FortiGate
W32/Malware_fam.NB
6/11/2014

F-Prot
W32/MalwareF.GUIQ
v6.4.7.1.166

F-Secure
Backdoor.Generic.716228
11.2014-11-06_4

G Data
Backdoor.Generic.716228
14.6.24

IKARUS anti.virus
not-a-virus.Keygen.PowerISO4
t3scan.1.6.1.0

Malwarebytes
Trojan.Agent
v2014.06.11.11

McAfee
Generic.dx!6F5F9F9238C8
5600.7103

Microsoft Security Essentials
1.10600

MicroWorld eScan
Backdoor.Generic.716228
15.0.0.486

NANO AntiVirus
Trojan.Win32.Gendal.gumqy
0.28.0.60100

Norman
Malware.FZWC
11.20140611

nProtect
Trojan/W32.Agent.269824.AE
14.06.05.01

Panda Antivirus
Adware/KeyGenerator
14.06.11.11

Rising Antivirus
PE:Trojan.Win32.Generic.12A8124C!313004620
23.00.65.14609

Sophos
Mal/KeyGen-A
4.98

SUPERAntiSpyware
Trojan.Agent/Gen-Palevo
10550

Trend Micro House Call
CRCK_KEYGEN
7.2.162

Trend Micro
CRCK_KEYGEN
10.465.11

VIPRE Antivirus
Trojan.Win32.Generic
30018

XVirus List
Win32.Detected
2.6.11

File size:
263.5 KB (269,824 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
11/25/2008 6:11:42 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
6144:a+ZMecfEVhgLsu/WsqLv/AtK3jHeM1VWARX8/CW5ceODW70:a+rzVhg//Ws6XaK3i8V3Rs/CWueB7

Entry address:
0x1000

Entry point:
B8, 18, D4, 4B, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, E1, E6, 65, C1, 3A, F6, 83, 47, F1, 13, 84, EB, 86, D5, 2F, 56, 4B, C6, E0, C1, 93, 86, 0C, 7A, B9, CD, 12, 7E, 1E, 5C, 69, 36, CD, 57, 78, 0C, F0, C8, 02, 95, 42, 12, 2E, A8, AB, E0, B3, AA, DF, DD, DC, 5C, 4D, A5, 01, 09, B8, F7, 93, 62, 45, 7D, D3, B3, 39, 4A, 7E, CC, 5B, 5B, D5, 98, 13, 76, 8E, 32, 15, 18, E8, 6B, 4B, 62, D0, CF, C5, 16, 6A, 8B, E8, AB, DC, B8, C9...
 
[+]

Entropy:
7.9042

Packer / compiler:
PECompact v2

Code size:
462 KB (473,088 bytes)

The file keygen.exe has been seen being distributed by the following URL.

Remove keygen.exe - Powered by Reason Core Security