ogxaeeakys.exe

PaRaMeter

ClevefStat

The application ogxaeeakys.exe has been detected as a potentially unwanted program by 27 anti-malware scanners. The file has been seen being downloaded from evaporez.com.
Publisher: ClevefStat
Product: PaRaMeter
Version: 1.4.8.13
MD5: 8e9be2e3b4e0aac630a18fb3f9143078
SHA-1: 601f670ac9faf27cef8b7a0ac7cf5504a2a1aed2
SHA-256: 3cf7505975f3bcc040e6a11396187af7fdf0681768aeb3efca51ed31666296b2
Scanner detections: 27 / 68
Status: Potentially unwanted
Analysis date: 11/5/2024 1:57:21 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | Trojan.Agent | 7.1.1 |
| Avira AntiVirus | DR/Delphi.A.9571 | 8.3.2.2 |
| Arcabit | Trojan.Generic.D2BC0D7 | 1.0.0.593 |
| avast! | Win32:Malware-gen | 151024-0 |
| AVG | Inject3 | 2016.0.2889 |
| Baidu Antivirus | Trojan.Win32.Injector | 4.0.3.151220 |
| Bitdefender | Trojan.GenericKD.2867415 | 1.0.20.1770 |
| Dr.Web | Trojan.Inject2.8376 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Trojan.GenericKD.2867415 | 8.15.12.20.03 |
| ESET NOD32 | Win32/Injector.CMAR trojan | 7.0.302.0 |
| Fortinet FortiGate | W32/Agent.NETDRM!tr | 12/20/2015 |
| F-Secure | Trojan.GenericKD.2867415 | 11.2015-20-12_1 |
| G Data | Win32.Trojan.Agent.76INR3 | 15.12.25 |
| IKARUS anti.virus | Trojan.Win32.Injector | t3scan.1.9.5.0 |
| K7 AntiVirus | Trojan | 13.212.17844 |
| Kaspersky | Trojan.Win32.Agent.netdrm | 15.0.0.562 |
| Malwarebytes | Backdoor.Bot | v2015.12.20.03 |
| McAfee | Artemis!8E9BE2E3B4E0 | 5600.6545 |
| MicroWorld eScan | Trojan.GenericKD.2867415 | 16.0.0.1062 |
| NANO AntiVirus | Trojan.Win32.Agent.dyoyju | 0.30.26.4437 |
| nProtect | Trojan.GenericKD.2867415 | 15.11.13.01 |
| Panda Antivirus | Generic Suspicious | 15.12.20.03 |
| Qihoo 360 Security | Win32/Trojan.917 | 1.0.0.1077 |
| Sophos | Mal/Generic-S | 4.98 |
| VIPRE Antivirus | Trojan.Win32.Generic | 45196 |
| ViRobot | Trojan.Win32.Z.Agent.894464.A[h] | 2014.3.20.0 |
| Zillya! Antivirus | Adware.Eorezo.Win32.17747 | 2.0.0.2507 |

File size: 873.5 KB (894,464 bytes)
Product version: 1.4.8.13
Copyright: CleverStat
File type: Executable application (Win32 EXE)
Language: English (United States)
Common path: C:\users\{user}\appdata\local\temp\ogxaeeakys.exe

File PE Metadata
Compilation timestamp: 2/12/2015 1:24:54 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 2.25
CTPH (ssdeep): 12288:p7rZOtEIF003qWoVoyfCwksOC/8tQrrNPzN+Sei1niG6vheKRtowvq5HL4S1ulW2:VZXo1qW4oZ89JvNPjeMniG6vheQ/h
Entry address: 0xA881C

Entry point:
55, 8B, EC, 83, C4, F0, B8, 0C, 86, 4A, 00, E8, F4, E1, F5, FF, A1, 88, 04, 4B, 00, 8B, 00, E8, 38, DB, FA, FF, 8B, 0D, FC, 05, 4B, 00, A1, 88, 04, 4B, 00, 8B, 00, 8B, 15, 6C, 7D, 4A, 00, E8, 38, DB, FA, FF, A1, 88, 04, 4B, 00, 8B, 00, E8, AC, DB, FA, FF, E8, 47, BB, F5, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy: 6.7285
Developed / compiled with: Microsoft Visual C++
Code size: 670.5 KB (686,592 bytes)

The file ogxaeeakys.exe has been seen being distributed by the following URL.
