oopscrasher.exe

The application oopscrasher.exe has been detected as a potentially unwanted program by 29 anti-malware scanners. The file has been seen being downloaded from download1223.mediafire.com and multiple other hosts.
Version:
1.0.0.0

MD5:
e65828bfa4c416795c4709ae5f09e4a3

SHA-1:
9654670bff8a9520373f47d6c4031c93a5d4b313

SHA-256:
e01d8938e5690de49d11882e214881ed7817b3ef905ab5b6c982a486342df0dc

Scanner detections:
29 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 4:51:35 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.Hacktool.FM
918

Agnitum Outpost
DoS.Agent
7.1.1

Baidu Antivirus
Trojan.Win32.Agent
4.0.3.1481

Bitdefender
Application.Hacktool.FM
1.0.20.1065

Bkav FE
W32.OnGamesJAVADST.Trojan
1.3.0.4959

Comodo Security
Application.Win32.Hacktool.DDos.~A
19042

Dr.Web
Program.SampCrash.1
9.0.1.0213

ESET NOD32
Win32/DoS.PsooCrasher.A trojan
6.3.12010.0

F-Prot
W32/MalwareF.KEGO
4.6.5.141

F-Secure
Application.Hacktool.FM
11.2014-01-08_6

G Data
Application.Hacktool.FM
14.8.24

IKARUS anti.virus
DoS.Win32.Agent
t3scan.1.6.1.0

K7 AntiVirus
Riskware
13.182.12911

Kaspersky
DoS.Win32.Agent
15.0.2.529

McAfee
RDN/Generic PUP.z!dj
5600.7052

MicroWorld eScan
Application.Hacktool.FM
15.0.0.639

NANO AntiVirus
Trojan.Win32.Agent.csziwz
0.28.2.61148

Norman
Hacktool.OSQ
11.20140801

nProtect
Trojan/W32.DoS.904927
14.07.31.01

Panda Antivirus
Trj/CI.A
14.08.01.09

Qihoo 360 Security
Win32/Trojan.DoS.284
1.0.0.1015

Quick Heal
HackTool.Flooder
8.14.14.00

Rising Antivirus
PE:Trojan.Win32.Generic.154EDB71!357489521
23.00.65.14730

Sophos
Mal/Generic-L
4.98

Trend Micro House Call
DDOS_CRASH.UJ
7.2.213

Trend Micro
DDOS_CRASH.UJ
10.465.01

Vba32 AntiVirus
DoS.Agent
3.12.26.3

VIPRE Antivirus
Trojan.Win32.Generic
31800

ViRobot
VirTool.DDos.904927
2011.4.7.4223

File size:
883.7 KB (904,927 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
6/6/2006 12:04:26 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
6.0

CTPH (ssdeep):
24576:zOL4aPxIUpOOHsayoLhrss1qQSV5ifk4pJ1y:zINk4JoK7S2hpJg

Entry address:
0x1DF6

Entry point:
55, 8B, EC, 6A, FF, 68, B0, 23, 40, 00, 68, 40, 1F, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 20, 53, 56, 57, 89, 65, E8, 83, 65, FC, 00, 6A, 01, FF, 15, C8, 20, 40, 00, 59, 83, 0D, 64, 31, 40, 00, FF, 83, 0D, 68, 31, 40, 00, FF, FF, 15, C4, 20, 40, 00, 8B, 0D, 5C, 31, 40, 00, 89, 08, FF, 15, C0, 20, 40, 00, 8B, 0D, 58, 31, 40, 00, 89, 08, A1, BC, 20, 40, 00, 8B, 00, A3, 6C, 31, 40, 00, E8, CF, 00, 00, 00, 83, 3D, 30, 30, 40, 00, 00, 75, 0C, 68, 30, 1F, 40, 00, FF, 15, B8, 20...
 
[+]

Entropy:
7.0200

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
4 KB (4,096 bytes)

The file oopscrasher.exe has been seen being distributed by the following 7 URLs.

http://download1223.mediafire.com/wwegc899bspg/.../OppsCrasher.exe

http://www54.uptobox.com/d/.../OopsCrasher.exe

http://www54.uptobox.com/d/.../OopsCrasher.exe

Remove oopscrasher.exe - Powered by Reason Core Security