» malware81
Overview
Analysis
File Details

malware81

UltraDefrag GUI interface

Meicun Ge

The file malware81 has been detected as malware by 11 anti-virus scanners.

File name:

malware81

Publisher:

UltraDefrag Development Team (signed by Meicun Ge)

Product:

UltraDefrag GUI interface

Version:

6.0.4.0

MD5:

22fd32f1237f1d1532c04307da1ba031

SHA-1:

dbdbd70677ab316501e083675e595ebba6164a6e

SHA-256:

e4a546b386631d991a5cb2d4eb07a4cff54c302197cb2949c601eb89c5991a99

Scanner detections:

11 / 68

Status:

Malware

Analysis date:

12/5/2024 12:52:34 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Mikey.18571

573

AVG

Agent_r

2016.0.3051

Bitdefender

Gen:Variant.Mikey.18571

1.0.20.960

Emsisoft Anti-Malware

Gen:Variant.Mikey.18571

8.15.07.11.08

F-Secure

Gen:Variant.Mikey.18571

11.2015-11-07_7

G Data

Gen:Variant.Mikey.18571

15.7.25

Microsoft Security Essentials

Trojan:Win32/Hitbrovi!dha

1.1.11804.0

MicroWorld eScan

Gen:Variant.Mikey.18571

16.0.0.576

Panda Antivirus

Generic Suspicious

15.07.11.08

Sophos

Mal/Agent-ARC

4.98

VIPRE Antivirus

Trojan.Win32.Generic

41890

File size:

361.7 KB (370,392 bytes)

Product version:

6.0.4.0

Language:

Language Neutral

Digital Signature

Signed by:

Meicun Ge

Subject:

E=meicunge@gmail.com, CN="Open Source Developer, meicun ge", O=Meicun Ge, C=CN

Serial number:

4FC13D6220C629043A26F81B1CAD72D8

File PE Metadata

Compilation timestamp:

3/27/2015 1:54:59 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

6144:l1K3yHqNwBlzWGieeDa00w/1+y3oWDVlZMBpVCh1pQvsJm+SxORRSLD3HYi7xJ+t:TK3xclqGaJPx8BpVCfKvs2xISXYi6b

Entry address:

0x90295

Entry point:

9C, E8, BF, CB, FD, FF, AC, F8, F9, 66, 0F, BA, E3, 0B, 88, 6C, 24, 04, D0, C0, 66, 81, FB, 3A, 43, F8, 04, 3D, 84, ED, F9, 84, EE, E8, 73, D9, FF, FF, 66, 0F, BA, EA, 0D, 89, 0C, 24, 66, 81, FE, A4, 79, 66, 0F, BA, E1, 0B, 53, 0F, AC, F1, 1F, 57, 0F, C9, 86, CE, 56, FE, C6, 66, C1, E6, 0C, 80, C5, 3D, 0F, AC, F1, 0B, 8B, 55, 08, 66, F7, DE, D2, ED, E8, C7, 5B, 02, 00, 61, 22, 8A, CB, BF, A4, C9, B4, 12, E4, F9, 31, 39, 4D, 43, 5C, 54, D2, 7A, 1C, BC, 9A, 0A, 5B, 04, 89, 6B, 7D, 45, 1E, DC, 1A, 10, F6, AA... 
[+]

Code size:

190.5 KB (195,072 bytes)

Remove malware81 - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.