home

new folder.exe

Project1

MNDsoft

The executable new folder.exe has been detected as malware by 37 anti-virus scanners.
Publisher:
MNDsoft

Product:
Project1

Version:
1.00

MD5:
1f439fd88a83b4115d9347dee89ce796

SHA-1:
ee9ef14c3a93236e0056e44c1a9563e965cfb54c

SHA-256:
9036efa77fa500907c177c17c844eabece0d591ad39ee3c8a722520860a50d08

Scanner detections:
37 / 68

Status:
Malware

Analysis date:
11/29/2024 4:33:18 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.5003891
-40

AhnLab V3 Security
Trojan/Win32.Genome
2014.01.21

Avira AntiVirus
TR/Patched.Ren.Gen
7.11.125.224

avast!
Win32:Sality
2014.9-170316

AVG
Citem
2018.0.2438

Baidu Antivirus
Trojan.Win32.Cosmu
4.0.3.17316

Bitdefender
Trojan.Generic.5003891
1.0.20.375

Bkav FE
W32.Hfs.VetorF496
1.3.0.4923

Clam AntiVirus
Trojan.Cosmu-187
0.98/18155

Dr.Web
Win32.HLLW.Dumb.3
9.0.1.075

Emsisoft Anti-Malware
Trojan.Generic.5003891
8.17.03.16.03

ESET NOD32
Win32/Virut.NBP
11.9312

Fortinet FortiGate
W32/Cosmu.BCCY!tr
3/16/2017

F-Prot
W32/VBTrojan.Downloader.1D!Maxi
v6.4.7.1.166

F-Secure
Trojan.Generic.5003891
11.2017-16-03_5

G Data
Trojan.Generic.5003891
17.3.24

IKARUS anti.virus
Trojan.Crypt
t3scan.2.2.29

K7 AntiVirus
Trojan
13.175.10881

Kaspersky
Trojan.Win32.Cosmu
14.0.0.-1316

Malwarebytes
Trojan.Agent
v2017.03.16.03

McAfee
W32/Worm-FAR!1F439FD88A83
5600.6094

Microsoft Security Essentials
Worm:Win32/Ainslot.H
1.165.247.01

MicroWorld eScan
Trojan.Generic.5003891
18.0.0.225

NANO AntiVirus
Trojan.Win32.Cosmu.cmxqtk
0.28.0.57029

Norman
Obfuscated.H2!genr
11.20170316

nProtect
Trojan/W32.Cosmu.229376.F
14.01.20.02

Panda Antivirus
W32/Autorun.KOX
17.03.16.03

Quick Heal
Worm.Ainslot.A3
3.17.12.00

Rising Antivirus
PE:Malware.FakeFolder@CV!1.6AA9
23.00.65.17314

Sophos
Mal/Generic-E
4.96

SUPERAntiSpyware
Trojan.Agent/Gen-Vbinject
8533

Total Defense
Win32/FakeFLDR_i
37.0.10498

Trend Micro House Call
WORM_AUTORUN.INO
7.2.75

Trend Micro
WORM_AUTORUN.INO
10.465.16

Vba32 AntiVirus
Trojan.VB.Failer.vm
3.12.24.3

VIPRE Antivirus
Trojan.Win32.Generic.pak!cobra
25614

ViRobot
Trojan.Win32.A.Cosmu.106496
2011.4.7.4223

File size:
224 KB (229,376 bytes)

Product version:
1.00

Original file name:
New Folder (2).exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\microsoft\windows\start menu\programs\startup\new folder.exe

File PE Metadata
Compilation timestamp:
9/3/2008 6:53:25 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x1440

Entry point:
68, 78, 1E, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, FA, C7, 2A, 44, 50, F6, C2, 4D, 90, D1, C3, E5, A7, 83, 18, F2, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 3A, 5C, 22, 20, 26, 20, 50, 72, 6F, 6A, 65, 63, 74, 31, 00, 65, 72, 20, 28, 32, 29, 2E, 00, 00, 00, 00, FF, CC, 31, 00, 01, 60, 48, 21, 46, 02, D3, 0E, 40, A8, 2F, 5D, F8, 24, 42, DA, 1A, 7C, 9B, 75, EB, 18, 77, 6A, 4C, B0, 9A, 7C, 3E, EE, 2E, 93, E4, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
4.0319

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
16 KB (16,384 bytes)

User Start Menu Item
Name:
New Folder (2).exe


Remove new folder.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.