» MadLeets - Deface Page Maker V1.1.exe
Overview
Analysis
File Details

MadLeets - Deface Page Maker V1.1.exe

Deface Page Maker V1.0

SmartFTP Client

The executable MadLeets - Deface Page Maker V1.1.exe has been detected as malware by 28 anti-virus scanners.

File name:

Publisher:

Microsoft (signed by SmartFTP Client)

Product:

Deface Page Maker V1.0

Version:

1.0.0

MD5:

ef69715b9ae81cbbe72c9a453658a549

SHA-1:

7143836161fdd3064caafcc21aae53296cff804a

SHA-256:

3ced6c76b678295c2301142a7594be1b7d28ecfc4f9390e7fbc700454455d7d1

Scanner detections:

28 / 68

Status:

Malware

Analysis date:

1/13/2025 4:32:22 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.14572273

AegisLab AV Signature

Troj.W32.Generic!c

2.1.4+

Agnitum Outpost

Trojan.Agent

7.1.1

Arcabit

Trojan.Generic.DDE5AF1

1.0.0.653

avast!

MSIL:GenMalicious-DZ [Trj]

2014.9-161205

AVG

MSIL4

2017.0.2539

Baidu Antivirus

Trojan.MSIL.Injector

4.0.3.16125

Bitdefender

Trojan.Generic.14572273

1.0.20.1700

Comodo Security

UnclassifiedMalware

24116

Dr.Web

BackDoor.Comet.1783

9.0.1.0340

Emsisoft Anti-Malware

Trojan.Generic.14572273

8.16.12.05.07

ESET NOD32

MSIL/Injector.ESI (variant)

10.12989

Fortinet FortiGate

MSIL/Injector.ESI!tr

12/5/2016

F-Secure

Trojan.Generic.14572273

11.2016-05-12_2

G Data

Trojan.Generic.14572273

16.12.25

IKARUS anti.virus

Trojan.MSIL4

t3scan.2.0.6.0

K7 AntiVirus

Trojan

13.213.18666

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.-812

Malwarebytes

Backdoor.Agent.TMPGen

v2016.12.05.07

McAfee

Artemis!EF69715B9AE8

5600.6195

Microsoft Security Essentials

Trojan:MSIL/Toauta!rfn

1.1.12400.0

MicroWorld eScan

Trojan.Generic.14572273

17.0.0.1020

NANO AntiVirus

Trojan.Win32.Comet.dfkpgi

1.0.14.5798

nProtect

Trojan.Generic.14572273

16.02.05.01

Panda Antivirus

Trj/CI.A

16.12.05.07

Qihoo 360 Security

HEUR/QVM03.0.Malware.Gen

1.0.0.1120

Sophos

Troj/MSILInj-HE

4.98

VIPRE Antivirus

Trojan.Win32.Generic

47032

File size:

488.4 KB (500,080 bytes)

Product version:

1.0.0

Original file name:

MadLeets - Deface Page Maker V1.1.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\compressed\madleets - deface page maker v1.1\madleets - deface page maker v1.1.exe

Digital Signature

Signed by:

SmartFTP Client

Authority:

SmartFTP Client

Valid from:

1/2/2014 4:56:32 PM

Valid to:

1/2/2114 4:56:32 PM

Subject:

CN=SmartFTP Client

Issuer:

CN=SmartFTP Client

Serial number:

6C7C1723381A15A44161851A894BF545

File PE Metadata

Compilation timestamp:

5/21/2015 5:32:20 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

12288:5Ulo5379qb1H6Nb5laCzkSKOsHklURCeTOPmV+G:qlo53xi1HZCFbqrVT

Entry address:

0x6A86E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.7573

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

418.5 KB (428,544 bytes)

Remove MadLeets - Deface Page Maker V1.1.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.