» PAYPAL HACK.exe
Overview
Analysis
File Details
Downloads (1)

PAYPAL HACK.exe

PAYPAL HACK

The executable PAYPAL HACK.exe has been detected as malware by 13 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from fs06n5.sendspace.com.

File name:

PAYPAL HACK.exe

Product:

PAYPAL HACK

Version:

1.0.0.0

MD5:

4d1871efc527ccfc498c2d7ce7d75862

SHA-1:

6cd665df5a74808a629d0f7800e7d4c48a64fa0c

SHA-256:

89a8c768df8ccb0db9ca6e29f9ef464c2c68dc5a6f77efecccb5524e830c0d05

Scanner detections:

13 / 68

Status:

Malware

Analysis date:

11/23/2024 9:38:31 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Kazy.707512

178

Arcabit

Trojan.Kazy.DACBB8

1.0.0.656

Bitdefender

Gen:Variant.Kazy.707512

1.0.20.1115

Emsisoft Anti-Malware

Gen:Variant.Kazy.707512

8.16.08.10.02

ESET NOD32

MSIL/PSW.Agent.ONZ (variant)

10.13137

Fortinet FortiGate

MSIL/Agent.NRZ!tr.pws

8/10/2016

F-Secure

Gen:Variant.Kazy.707512

11.2016-10-08_4

G Data

Gen:Variant.Kazy.707512

16.8.25

Microsoft Security Essentials

TrojanSpy:MSIL/Aconstel.A

1.1.12505.0

MicroWorld eScan

Gen:Variant.Kazy.707512

17.0.0.669

Panda Antivirus

Trj/Sharik.B

16.08.10.02

Qihoo 360 Security

HEUR/QVM03.0.Malware.Gen

1.0.0.1120

Sophos

Mal/Generic-S

4.98

File size:

132 KB (135,168 bytes)

Product version:

1.0.0.0

Original file name:

PAYPAL HACK.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\paypal hack.exe

File PE Metadata

Compilation timestamp:

2/22/2016 6:47:32 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

3072:iml8tMdpwABRzZ5hxGuNooK02Bj9Q+aKdZDeGB5myAgnbcf:imndpwGhIoJKfUWdZD

Entry address:

0x21B1E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

127 KB (130,048 bytes)

The file PAYPAL HACK.exe has been seen being distributed by the following URL.

https://fs06n5.sendspace.com/dl/988565784aca8b64ba66f2bb028b2cec/56d2634e1cde13aa/.../PAYPAL HACK.exe

Remove PAYPAL HACK.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.