home

null - null.exe

Vkontakte DJ Installer

The executable null - null.exe has been detected as malware by 14 anti-virus scanners. The file has been seen being downloaded from setup.vkdjmusic.com and multiple other hosts.
Product:
Vkontakte DJ Installer

Version:
1.9.1.18

MD5:
d7f81c1e7dd753182f3e995cf6d96fcd

SHA-1:
6cb43624e5ee85e00384241286aab3a290d214fc

SHA-256:
c3203878f4dbcebe3e6427c5a61c5b5a43638276707e49e84d419271166f79e4

Scanner detections:
14 / 68

Status:
Malware

Analysis date:
11/27/2024 7:26:27 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.15157516
458

Arcabit
Trojan.Generic.DE7490C
1.0.0.585

avast!
Win32:Malware-gen
2014.9-151104

Bitdefender
Trojan.Generic.15157516
1.0.20.1540

Dr.Web
riskware program Program.VKontakteDJ.6
9.0.1.05190

Emsisoft Anti-Malware
Trojan.Generic.15157516
8.15.11.04.07

F-Secure
Trojan.Generic.15157516
11.2015-04-11_4

G Data
Trojan.Generic.15157516
15.11.25

Kaspersky
UDS:DangerousObject.Multi.Generic
14.0.0.1174

McAfee
Artemis!D7F81C1E7DD7
5600.6592

MicroWorld eScan
Trojan.Generic.15157516
16.0.0.924

nProtect
Trojan.Generic.15157516
15.10.28.01

Rising Antivirus
PE:Malware.RDM.40!5.2E[F1]
23.00.65.151001

VIPRE Antivirus
Trojan.Win32.Generic
44866

File size:
562.5 KB (576,000 bytes)

Product version:
1.9.1.18

Copyright:
Copyright © 2015

Original file name:
DjLoader.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\null - null.exe

File PE Metadata
Compilation timestamp:
9/30/2015 2:39:55 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:XOJIBtFz4P7qsKQ0jnAt4BknkW3F2nzmsMBtFC:eIJz4DBKQ0jnpBknk42zmsMJC

Entry address:
0x6AA2E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.4914

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
419 KB (429,056 bytes)

The file null - null.exe has been seen being distributed by the following 5 URLs.

http://setup.vkdjmusic.com/.../?advert_key=ZWMwMDAxMDBiNDAwMDMwNjAwMDAwMzEyMDAwMzEyMDAwMzEyNTZjZTg2MTcwZg==&name=Señor no tengo edad para llorar por mi pasado - Pe. Zezinho, scj

http://setup.vkdjmusic.com/.../?advert_key=ZWMwMDAxMDBiNDAwMDMwNjAwMDAwMzEyMDAwMzEyMDAwMzEyNTZjZTg2MTcwZg==&name=????? - ????? ???? (???????????? ?????)

http://setup.vkdjmusic.com/.../?advert_key=ZWMwMDAxMDBiNDAwMDMwNjAwMDAwMzEyMDAwMzEyMDAwMzEyNTZjZTg2MTcwZg==&name=I Octane - More Money

http://setup.vkdjmusic.com/.../?advert_key=ZWMwMDAxMDBiNDAwMDMwNjAwMDAwMzEyMDAwMzEyMDAwMzEyNTZjZTg2MTcwZg==&name=?????????? ??????????? (?? ???????????? "????? ???????") - ???? 1. ????????? ?????????????? ???? ????? ? ???????? ???? ??? ??-????????

http://setup.vkdjmusic.com/.../?advert_key=ZWMwMDAxMDBiNDAwMDMwNjAwMDAwMzEyMDAwMzEyMDAwMzEyNTZjZTg2MTcwZg==&name=null - null

Remove null - null.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.