» nahveye tanzime email dar microssoft outlook express 2007.exe
Overview
Analysis
File Details
Downloads (1)

nahveye tanzime email dar microssoft outlook express 2007.exe

Ashiyane Super Binder Stub

The executable nahveye tanzime email dar microssoft outlook express 2007.exe has been detected as malware by 6 anti-virus scanners. The file has been seen being downloaded from sess.shirazu.ac.ir.

File name:

Publisher:

Microsoft* (Invalid match)

Product:

Ashiyane Super Binder Stub

Version:

1.0.0.0

MD5:

c99af00244d6bc07bf014fa70b941486

SHA-1:

29d84a2b1da870da71856ed70bbb4b1f93623b4e

SHA-256:

cc297fa4efb870b92f47545cfd86741748179be5dafc27bb6686b23a309b5875

Scanner detections:

6 / 68

Status:

Malware

Analysis date:

4/24/2025 5:41:38 AM UTC (today)

Scan engine

Detection

Engine version

avast!

MSIL:GenMalicious-WP [Trj]

160518-2

Emsisoft Anti-Malware

Trojan.Generic.8593680

11.5.0.6191

ESET NOD32

MSIL/TrojanDropper.Agent.LY trojan

8.0.319.0

F-Secure

Packed:W32/DonutCrypt.A

5.15.96

Microsoft Security Essentials

Threat.Undefined

1.223.68.0

Norman

Trojan.Generic.8593680

19.05.2016 05:17:13

File size:

1.5 MB (1,592,237 bytes)

Product version:

1.0.0.0

Original file name:

Ashiyane Super Binder Stub.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\nahveye tanzime email dar microssoft outlook express 2007.exe

File PE Metadata

Compilation timestamp:

1/11/2013 12:47:36 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

24576:ZUwaBFATslPKcsJGq0h5++QJVTnpNHk+rYr2kukpR6i5EjDiUPuIrf20WgKmhlPg:ZUwa0ErsMf+9Zi2lfihkf7ZZc4iz

Entry address:

0x522E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.0582

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

13 KB (13,312 bytes)

The file nahveye tanzime email dar microssoft outlook express 2007.exe has been seen being distributed by the following URL.

https://sess.shirazu.ac.ir/.../272169749119

Remove nahveye tanzime email dar microssoft outlook express 2007.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.