» little inferno.exe
Overview
Analysis
File Details
Downloads (2)

little inferno.exe

The executable little inferno.exe has been detected as malware by 15 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from s7329.chomikuj.pl and multiple other hosts.

File name:

little inferno.exe

MD5:

68572a17fa7b89454247cb3dbcdc1c78

SHA-1:

8e5c22e349ccf726b1a15387f886a38d062002f0

SHA-256:

f76d1818d95e0f277b85757b5f2ff2691597dc789ba8e8428647eabbdb6d4d6f

Scanner detections:

15 / 68

Status:

Malware

Analysis date:

11/24/2024 8:30:48 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Trojan.Heur.Crifi.@pJfamh6RnpO

574

Agnitum Outpost

Trojan.Chifrax

7.1.1

AhnLab V3 Security

Trojan/Win32.Chifrax

2015.03.07

Avira AntiVirus

SPR/Tool.Keygen.6761

7.11.214.140

Bitdefender

Gen:Trojan.Heur.Crifi.@pJfamh6RnpO

1.0.20.960

ESET NOD32

Win32/HackTool.Crack.B potentially unsafe

9.11283

Fortinet FortiGate

W32/Chifrax.A!tr

7/11/2015

F-Secure

Gen:Trojan.Heur.Crifi.@pJfamh6RnpO

11.2015-11-07_7

G Data

Gen:Trojan.Heur.Crifi.@pJfamh6RnpO

15.7.25

K7 AntiVirus

Hacktool

13.200.15187

Kaspersky

Trojan.Win32.Chifrax

14.0.0.1753

Microsoft Security Essentials

HackTool:Win32/Keygen

1.1.11400.0

MicroWorld eScan

Gen:Trojan.Heur.Crifi.@pJfamh6RnpO

16.0.0.576

Sophos

Mal/Chifrax-A

4.98

Vba32 AntiVirus

Trojan.Chifrax

3.12.26.3

File size:

182.4 MB (191,252,772 bytes)

File type:

Executable application (Win32 EXE)

File PE Metadata

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

3145728:1Sqq1PrDQftfnCSYxkgG9Qxn8EI/TaKMEr0pQ2zQBRD1VQZUjlwQ1TjuNCY5PYBj:Uqor81vCnhx6xrG+t12ZolbTjuNCCQ8Q

Entry address:

0x717C0

Entry point:

60, BE, 00, D0, 44, 00, 8D, BE, 00, 40, FB, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 67, FC, 06, 00, 57, 83, C3, 04, 53, 68, AF, 47, 02, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 00, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A... 
[+]

Code size:

152 KB (155,648 bytes)

The file little inferno.exe has been seen being distributed by the following 2 URLs.

http://s7329.chomikuj.pl/File.aspx?e=1P6MWZDUM9Nhd7jy40PH4un08Ybhr683n4ibZVN1WLTgrIMoPccsAGErixfIJHGHyM-J-GItbHxLIFbStngBf3RhdlNqpIV6EwUN5pvq9_JeUGEBPnk4p72kJiJe2gcC9cGvkEYWP9Gxk3NHlS8NJA&pv=2

http://s6691.chomikuj.pl/File.aspx?e=1P6MWZDUM9Nhd7jy40PH4p_Sny6SbeQT7RZSgR9V1lzJVHJ8AaX2wW3Kn7cN539SMchfwxpV3M6LJd3C6kB3yus8GFr-QSKXOBRYmFHsvL3Pk31KKGWXd4JkdZLcP1YfN-fixW5tFhsQHkt7JLbk3Q&pv=2

Remove little inferno.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.