» malware83
Overview
Analysis
File Details

malware83

Smart Defrag v3

Meicun Ge

The file malware83 has been detected as malware by 5 anti-virus scanners.

File name:

malware83

Publisher:

IObit (signed by Meicun Ge)

Product:

Smart Defrag v3

Version:

3.3.0.384

MD5:

153fb660076f2a7e32ad90906d025dd7

SHA-1:

1eb4d54cf8ff69ed66a89b303f20c1822863aef9

SHA-256:

80b1bc901d53b1086ac0b6306edb629a12e70a2e2e18e3c0f71f337b6de85063

Scanner detections:

5 / 68

Status:

Malware

Analysis date:

12/5/2024 12:55:30 AM UTC (today)

Scan engine

Detection

Engine version

AVG

Generic_r

2016.0.3051

ESET NOD32

Win32/Agent.RHL (variant)

9.11920

Microsoft Security Essentials

Trojan:Win32/Hitbrovi!dha

1.1.11804.0

Sophos

Mal/Agent-ARC

4.98

VIPRE Antivirus

Trojan.Win32.Generic.pak!cobra

41880

File size:

362.2 KB (370,904 bytes)

Product version:

3.3.0.384

Language:

Language Neutral

Digital Signature

Signed by:

Meicun Ge

Authority:

Unizeto Technologies S.A.

Valid from:

9/8/2014 9:49:43 AM

Valid to:

9/8/2015 9:49:43 AM

Subject:

E=meicunge@gmail.com, CN="Open Source Developer, meicun ge", O=Meicun Ge, C=CN

Issuer:

CN=Certum Level III CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:

4FC13D6220C629043A26F81B1CAD72D8

File PE Metadata

Compilation timestamp:

12/12/2014 1:39:19 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

6144:ZkoasnHKs9izQyEl/7v01q7JSbqsjFWfNViQCP8JAvOVWWcW9A62/P/nDc8Q2Wjx:ZkoaPNEl/7vkq10qEkfdQ/vuWHm2/Xon

Entry address:

0x6C2C5

Entry point:

60, 9C, E8, A2, E6, 01, 00, F8, 53, F8, 04, 6F, F9, E8, B3, 58, 04, 00, A0, 1C, 9F, 2A, 9A, 05, 63, F3, 33, 9E, 92, 40, E1, 5F, EE, 75, 26, 37, 07, 34, 67, 2C, 9A, 3E, 7F, 46, D4, 1F, E0, 10, 03, AA, 2A, F1, F1, D6, D8, 44, 65, 99, F7, 69, 94, B5, B9, E3, AC, EF, CC, 65, 2E, 20, 8B, E9, 4D, 13, 5A, 30, 32, 58, A9, 07, E5, DA, FB, 8B, D5, 46, 5B, F6, 55, 95, 63, 64, 1C, EB, 95, 74, 55, 95, 64, 1A, 79, B9, AB, 1C, FA, 9B, 64, A2, 71, 98, 0B, AF, 4B, 67, 2A, 99, E6, E8, 27, 0F, DE, 61, C4, 50, E3, 88, B6, 49... 
[+]

Code size:

187 KB (191,488 bytes)

Remove malware83 - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.