» malware115
Overview
Analysis
File Details

malware115

CCleaner

Jagdeependra

The file malware115 has been detected as malware by 16 anti-virus scanners.

File name:

malware115

Publisher:

Piriform Ltd (signed by Jagdeependra)

Product:

CCleaner

Version:

4.14.0.4707

MD5:

30778fc99ec00382fa908036b664b674

SHA-1:

b8d43668647fbf7c6d7ea71394ebdc6bff28f364

SHA-256:

baeeaa76462137aeb5141af615e35f9c51677738bfacc9f9f58dbd9e9d442e0d

Scanner detections:

16 / 68

Status:

Malware

Analysis date:

12/5/2024 1:26:21 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Mikey.18771

573

Avira AntiVirus

TR/Black.Gen2

8.3.1.6

Arcabit

Trojan.Mikey.D4953

1.0.0.425

avast!

Win32:Agent-AVCX [Trj]

2014.9-150711

AVG

Agent_r

2016.0.3051

Bitdefender

Gen:Variant.Mikey.18771

1.0.20.960

Bkav FE

HW32.Packed

1.3.0.6979

Emsisoft Anti-Malware

Gen:Variant.Mikey.18771

8.15.07.11.07

ESET NOD32

Win32/Agent.WSY (variant)

9.11925

Fortinet FortiGate

W32/FinSpy.A!tr

7/11/2015

G Data

Gen:Variant.Mikey.18771

15.7.25

IKARUS anti.virus

Trojan.Win32.Agent

t3scan.1.9.5.0

Kaspersky

Trojan-Spy.Win32.FinSpy

14.0.0.1751

MicroWorld eScan

Gen:Variant.Mikey.18771

16.0.0.576

Panda Antivirus

Generic Suspicious

15.07.11.07

Sophos

Mal/VMProtBad-A

4.98

File size:

395.3 KB (404,744 bytes)

Product version:

4.14.0.4707

Language:

Language Neutral

Digital Signature

Signed by:

Jagdeependra

Authority:

COMODO CA Limited

Valid from:

7/1/2013 2:00:00 AM

Valid to:

7/2/2015 1:59:59 AM

Subject:

CN=Jagdeependra, OU=tech, O=Jagdeependra, STREET=r/o sehi kala, L=chirwa, S=rajasthan, PostalCode=333026, C=IN

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

55086D0B1A4EE0E271F82DCCC75233CB

File PE Metadata

Compilation timestamp:

7/18/2014 11:38:14 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:YTtezw5t76srpEPpxHwnEie/YXayp8rJiAZ:uEe2slQ/0+V

Entry address:

0x6B344

Entry point:

E8, F0, 11, 02, 00, 9C, 89, C3, 53, 66, 0F, BA, E4, 05, E9, 48, C0, FF, FF, F0, FD, 0D, 90, DE, 80, 21, A7, C6, EA, D0, B8, CA, E2, D0, B4, C6, D2, C6, 97, 23, 71, 01, 9B, 6F, 59, 3B, A6, 46, FD, 8D, 2F, A5, 1E, AC, 3C, 8A, B8, 6A, 42, 7D, C6, 21, 12, 21, 97, F6, BA, D4, 64, 26, D3, 18, 29, 1D, 5D, 5F, 03, B7, 56, 99, 0A, DA, 19, 62, 2D, 35, 85, 36, B9, F3, E1, E2, 40, 4E, 8E, 61, 69, 73, 0C, D3, DD, 76, 06, 92, 22, 48, C6, 90, 24, E8, B7, E4, 9E, 16, 2C, 0F, 8E, B7, 14, 86, AA, 76, C8, 21, 23, A4, 0E, E2... 
[+]

Entropy:

7.8741 (probably packed)

Code size:

167.5 KB (171,520 bytes)

Remove malware115 - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.