» mafia scanner.exe
Overview
Analysis
File Details
Downloads (1)

mafia scanner.exe

Pentest Dz

Hk Product

The executable mafia scanner.exe has been detected as malware by 12 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dc668.4shared.com.

File name:

mafia scanner.exe

Publisher:

Hk Product

Product:

Pentest Dz

Description:

Dz Mafia Scanner

Version:

1.0.0.0

MD5:

93556554e687c8e48db3b6caf3cdd187

SHA-1:

ba4f54b720244a8a20ba311d92fd5814cf4cf801

SHA-256:

776738b76093caae78931e984791e027e9e8bfc34568d168eca18621f06e056c

Scanner detections:

12 / 68

Status:

Malware

Analysis date:

11/5/2024 2:29:03 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Strictor.54937

911

Bitdefender

Gen:Variant.Strictor.54937

1.0.20.1095

Emsisoft Anti-Malware

Gen:Variant.Strictor.54937

8.14.08.07.05

F-Secure

Gen:Variant.Strictor.54937

11.2014-07-08_5

G Data

Gen:Variant.Strictor.54937

14.8.24

IKARUS anti.virus

Win32.SuspectCrc

t3scan.1.6.1.0

K7 AntiVirus

Riskware

13.182.12951

McAfee

Artemis!93556554E687

5600.7045

MicroWorld eScan

Gen:Variant.Strictor.54937

15.0.0.657

Qihoo 360 Security

Win32/Trojan.381

1.0.0.1015

Rising Antivirus

PE:Trojan.Win32.Generic.16DDE323!383640355

23.00.65.14805

Trend Micro House Call

TROJ_GEN.R0C1H09GH14

7.2.219

File size:

708 KB (724,992 bytes)

Product version:

1.0.0.0

Original file name:

White Hacker.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

File PE Metadata

Compilation timestamp:

5/30/2014 9:18:19 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

12288:t2X+f23OIV9TFFgFBRu1gCCud2Giz3lpBRu1gCiud:kX+fqOIVdF2RuKCCoihRuKCio

Entry address:

0x8AFBE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, 70, 00, 00, 80, 10, 00, 00, 00, 88, 00, 00, 80, 18, 00, 00, 00, A0, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

548 KB (561,152 bytes)

The file mafia scanner.exe has been seen being distributed by the following URL.

http://dc668.4shared.com/download/.../Dz_Mafia.exe

Remove mafia scanner.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.