» malware101
Overview
Analysis
File Details

malware101

Linkman

Jagdeependra

The file malware101 has been detected as malware by 15 anti-virus scanners.

File name:

malware101

Publisher:

Outertech (signed by Jagdeependra)

Product:

Linkman

Version:

8.9.3.1

MD5:

c76746961d1a3245adb4bed015ab7cb9

SHA-1:

254e137971dc25ebcc8009bc93edb21a22068d9b

SHA-256:

133593d3a271901ea8e27910eb7c57f461b4499405022624233eea318c298399

Scanner detections:

15 / 68

Status:

Malware

Analysis date:

12/4/2024 6:09:35 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Mikey.18729

573

Avira AntiVirus

TR/Black.Gen2

8.3.1.6

Arcabit

Trojan.Mikey.D4929

1.0.0.425

avast!

Win32:Agent-AVCX [Trj]

2014.9-150711

Bitdefender

Gen:Variant.Mikey.18729

1.0.20.960

Bkav FE

HW32.Packed

1.3.0.6979

Emsisoft Anti-Malware

Gen:Variant.Mikey.18729

8.15.07.11.07

ESET NOD32

Win32/Agent.WSY (variant)

9.11925

Fortinet FortiGate

W32/FinSpy.A!tr

7/11/2015

G Data

Gen:Variant.Mikey.18729

15.7.25

IKARUS anti.virus

Trojan.Win32.Agent

t3scan.1.9.5.0

Kaspersky

Trojan-Spy.Win32.FinSpy

14.0.0.1751

MicroWorld eScan

Gen:Variant.Mikey.18729

16.0.0.576

Panda Antivirus

Generic Suspicious

15.07.11.07

Sophos

Mal/VMProtBad-A

4.98

File size:

368.8 KB (377,608 bytes)

Product version:

8.9.3.1

Language:

Language Neutral

Digital Signature

Signed by:

Jagdeependra

Authority:

COMODO CA Limited

Valid from:

7/1/2013 2:00:00 AM

Valid to:

7/2/2015 1:59:59 AM

Subject:

CN=Jagdeependra, OU=tech, O=Jagdeependra, STREET=r/o sehi kala, L=chirwa, S=rajasthan, PostalCode=333026, C=IN

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

55086D0B1A4EE0E271F82DCCC75233CB

File PE Metadata

Compilation timestamp:

9/8/2014 4:17:41 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

6144:5d/aaGFBfwbtyCR8qe7ohaXQY49Xg9BYvwS26cO/YsFn4CzhhPqxrLJbRy34cfjD:50aGFCb8i8P0Q9GobdkYsphhPqxrNbcx

Entry address:

0x81524

Entry point:

9C, 8D, 64, 24, 04, 0F, 83, C6, 48, FE, FF, 60, C6, 44, 24, 0C, 6D, C7, 44, 24, 1C, 92, 00, B6, BD, 9C, E8, 33, 12, 03, 00, E8, F9, 02, 2A, 8E, DF, 50, 8A, 1F, B0, C7, 0D, 9E, 46, E1, 8D, 0D, A6, D6, 03, 64, 43, FF, 04, 75, 21, 91, C8, D9, 52, E4, FD, 7F, ED, 44, 0A, AC, DA, 6F, 47, BB, B8, C5, 9A, FC, DB, 98, 8B, BF, A5, 12, CD, E4, FD, 0E, 30, 4E, 23, 59, 06, D6, FC, 10, 3C, 69, 7D, AD, 1F, A3, F9, 9F, 27, 59, BA, C7, 08, 2A, 47, 44, 94, E4, EB, DA, 7F, 2A, 60, 52, 8F, DF, 0F, 85, 49, 9C, DB, E8, C5, 62... 
[+]

Entropy:

7.8607 (probably packed)

Code size:

170.5 KB (174,592 bytes)

Remove malware101 - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.