LeapFTP.exe

LeapFTP

LeapWare

The executable LeapFTP.exe, “Secure File Transfer Client” has been detected as malware by 11 anti-virus scanners.
Publisher:
LeapWare  (signed and verified)

Product:
LeapFTP

Description:
Secure File Transfer Client

Version:
3.1.0.50

MD5:
7087945559e4fc71643967df1e4f78d1

SHA-1:
21ea4f2488114fb80c94b16a572e67dd1877f879

SHA-256:
82b055848cc0016bbca540ba65229ef289541960c8dc13a0939fb79d723e1244

Scanner detections:
11 / 68

Status:
Malware

Analysis date:
12/26/2024 7:54:02 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Mabezat [Wrm]
160327-1

AVG
Win32/Mabezat
2015.0.4355

Dr.Web
Win32.HLLW.Tazebama
9.0.1.05190

Emsisoft Anti-Malware
Win32.Worm.Mabezat.Gen
11.5.0.6191

ESET NOD32
Win32/Mabezat.A virus
8.0.319.0

F-Prot
W32/Mabezat.A-1
4.6.5.141

F-Secure
Win32.Worm.Mabezat.Gen
5.15.96

Kaspersky
Worm.Win32.Mabezat
15.0.0.562

McAfee
Virus.W32/Mabezat.c
18.0.204.0

Microsoft Security Essentials
Threat.Undefined
1.219.58.0

Norman
Win32.Worm.Mabezat.Gen
02.04.2016 17:35:19

File size:
2.1 MB (2,170,559 bytes)

Product version:
3.1

Copyright:
© 1996-2009 by LeapWare

Original file name:
LeapFTP.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\leapftp 3.0\leapftp.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
9/28/2010 2:00:00 PM

Valid to:
9/29/2011 1:59:59 PM

Subject:
CN=LeapWare, OU=Application Security, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=LeapWare, L=Fort Worth, S=Texas, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7A8AE6A6E5FD53D9195B8B38590E5F41

File PE Metadata
Compilation timestamp:
6/19/1992 12:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:GYjbRqW5XPyjB5dLgV3DzgI4kCYaTfEKyWH+t:GUkW5XPyjBHgZx4LYWyWH+t

Entry address:
0x193A34

Entry point:
BB, 2C, 33, 59, 00, FF, E3, 00, 32, 59, 00, E8, 14, 37, E7, FF, A1, C0, 15, 5A, 00, 8B, 00, E8, 3C, 71, EE, FF, A1, C0, 15, 5A, 00, 8B, 00, 33, D2, E8, 16, 6D, EE, FF, 8B, 0D, B4, 17, 5A, 00, A1, C0, 15, 5A, 00, 8B, 00, 8B, 15, 60, CC, 55, 00, E8, 2E, 71, EE, FF, 6A, FF, 6A, FF, E8, 15, 3B, E7, FF, 50, E8, 2F, 3D, E7, FF, A1, C0, 15, 5A, 00, 8B, 00, E8, 93, 71, EE, FF, E8, D2, 10, E7, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.7166

Code size:
1.6 MB (1,649,664 bytes)

Windows Firewall Allowed Program
Name:
C:\Program Files\LeapFTP 3.0\LeapFTP.exe


Remove LeapFTP.exe - Powered by Reason Core Security