l0xyil.exe

ITEA LLC

The executable l0xyil.exe has been detected as malware by 10 anti-virus scanners.
Publisher:
ITEA LLC  (signed and verified)

MD5:
3ae8584ff75127d37f35675876920fd2

SHA-1:
739448062f84a22a5b9160c473d5c7d84a1241a2

SHA-256:
4539ba0fa9391eb75a8141a0a7ffdf606d863e0c62917a462b7d5c641617c682

Scanner detections:
10 / 68

Status:
Malware

Analysis date:
12/25/2024 5:14:59 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Mabezat [Wrm]
160518-2

AVG
Win32/Mabezat
2015.0.4568

Dr.Web
Trojan.StartPage1.25621
9.0.1.05190

Emsisoft Anti-Malware
Win32.Worm.Mabezat.Gen
11.5.0.6191

ESET NOD32
Win32/Mabezat.A virus
7.0.302.0

F-Prot
W32/Mabezat.A-2
4.6.5.141

Kaspersky
Worm.Win32.Mabezat
15.0.0.562

McAfee
Virus.W32/Mabezat.a
18.0.204.0

Microsoft Security Essentials
Threat.Undefined
1.223.654.0

Norman
Win32.Worm.Mabezat.Gen
19.05.2016 01:04:49

File size:
356.3 KB (364,855 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\hpdef\l0xyil.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
2/18/2016 12:00:00 AM

Valid to:
2/17/2017 11:59:59 PM

Subject:
CN="""ITEA"" LLC", OU=IT, O="""ITEA"" LLC", STREET="prosp. Vyzvolyteliv, 5", L=Kiev, S=Kiev, PostalCode=02660, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
277A5AD5AF3F7ADB181C76A58924E916

File PE Metadata
Compilation timestamp:
3/9/2016 4:22:04 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
6144:vBnDWf2uZ2SOf5WV+CueyC7/3D+6ltJSTpoqf5nqewXwqqK/:JDC2uZ2SOf50+xC7/z+2JSTpo7XwvK/

Entry address:
0x13F8D

Entry point:
BB, 64, DB, 0F, 41, 93, E9, 20, 01, 00, 00, 16, BC, 1F, 1B, C7, 4B, 1F, 1B, 67, B4, A2, 9F, 9F, 1F, 9F, 9F, BB, 9F, 9F, 9F, FE, D0, D5, D0, CF, D0, D8, D6, D5, 9F, 9F, 9F, 13, 00, 19, 04, 01, 00, 0C, 00, CD, 03, 0B, 0B, 9F, 9F, 9F, 9F, FB, 9F, 9F, 9F, E5, 11, 04, 04, EB, 08, 01, 11, 00, 11, 18, 9F, E2, 11, 04, 00, 13, 04, E3, 08, 11, 04, 02, 13, 0E, 11, 18, E0, 9F, 9F, 9F, 9F, E6, 04, 13, F6, 08, 0D, 03, 0E, 16, 12, E3, 08, 11, 04, 02, 13, 0E, 11, 18, E0, 9F, 9F, 9F, 9F, E6, 04, 13, EC, 0E, 03, 14, 0B, 04...
 
[+]

Code size:
136 KB (139,264 bytes)

Remove l0xyil.exe - Powered by Reason Core Security