malware108

PCSwift

Jagdeependra

The file malware108 has been detected as malware by 6 anti-virus scanners.
Publisher:
PGWARE LLC  (signed by Jagdeependra)

Product:
PCSwift

Version:
1.0.0.0

MD5:
957983a6a4e75b5c97f4a2fb48f6c771

SHA-1:
785ff4ba7d3b8c9a108c933c374b72218e3a8d98

SHA-256:
65fa19f5662e0fa5cde79411b781a166cdea313aa68360ebe702bf4c7bd307f1

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
12/5/2024 1:17:01 AM UTC  (today)

Scan engine | Detection | Engine version
Avira AntiVirus | TR/Black.Gen2 | 8.3.1.6
avast! | Win32:Agent-AVCX [Trj] | 2014.9-150711
Bkav FE | HW32.Packed | 1.3.0.6979
ESET NOD32 | Win32/Agent.WSY (variant) | 9.11920
Kaspersky | Trojan-Spy.Win32.FinSpy | 14.0.0.1751
Sophos | Mal/VMProtBad-A | 4.98

File size:
373.8 KB (382,728 bytes)

Product version:
1.0.0.0

Copyright:
Copyright (c) 2014 PGWARE LLC

Language:
Language Neutral

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
7/1/2013 2:00:00 AM

Valid to:
7/2/2015 1:59:59 AM

Subject:
CN=Jagdeependra, OU=tech, O=Jagdeependra, STREET=r/o sehi kala, L=chirwa, S=rajasthan, PostalCode=333026, C=IN

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
55086D0B1A4EE0E271F82DCCC75233CB

File PE Metadata
Compilation timestamp:
11/20/2014 4:41:59 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:+rFkTLrPnYG8BQrU+PiuFglThXuOx/9GQBM/PON4NVOGJtyqmNVS1+:qFkTXl8cRFglThXuGvBM/g4jOGJt/mN7

Entry address:
0x72719

Entry point:
60, 60, E9, 93, 30, 02, 00, 57, 4F, F9, A6, 41, A6, FC, 54, F4, 30, 7C, 33, 8A, 0F, 19, 18, CB, 00, FD, 78, 44, CE, FA, 6A, 1E, 62, 46, E2, 86, A7, 3B, BB, 0D, BE, 0B, BF, 29, E3, E0, DC, 03, BC, F3, A8, 59, 4D, 98, 9E, 11, 79, C4, FF, 39, A6, 3F, 5A, 8D, EB, 5F, 9D, E0, 48, 2E, 4E, 27, F0, A2, EC, 4E, 31, 54, 01, 44, E1, DE, 83, 01, 13, 14, 68, 8B, 18, B2, 71, C5, B1, 35, B1, 87, F0, 06, EA, 56, 60, 17, 63, B0, 34, 8B, 82, DA, 08, 6E, 89, 05, 82, C0, F4, 40, 39, DE, 0A, 58, AA, 19, 75, 8B, 3D, 65, 43, 85...
 

Entropy:
7.7408  (probably packed)

Code size:
170.5 KB (174,592 bytes)
