home

pfgaxzgflt

RecA

The file pfgaxzgflt has been detected as malware by 1 anti-virus scanner.
Publisher:
RecA  (signed and verified)

Version:
0.0.0.0

MD5:
2893b3dd7bd5134bc0c5450d9da5cf05

SHA-1:
71ce324affb804e7d83dd1670189287253e513ef

SHA-256:
8f7bb32d6d3319e2caa87a5b082d4bef1ea2367680034a0377af9d5e3280a948

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/16/2024 7:02:30 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.11.13.15

File size:
130.7 KB (133,866 bytes)

Product version:
0.0.0.0

Original file name:
cYkpUkK3wUc6NDyVO81hyiDWp0diTXJpqVlUoizp66QJozBJ32gYfO1wL.exe

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\pfgaxzgflt

Digital Signature
Signed by:
RecA

Authority:
RecA

Valid from:
7/2/2016 1:12:39 PM

Valid to:
7/3/2026 1:12:39 PM

Subject:
E=owner@reca.net, CN=www.reca.net, OU=Support Dept, O=RecA, L=Cologne, S=Sortil, C=DE

Issuer:
E=owner@reca.net, CN=www.reca.net, OU=Support Dept, O=RecA, L=Cologne, S=Sortil, C=DE

Serial number:
008FE7E51E617A60CF

File PE Metadata
Compilation timestamp:
7/2/2016 9:38:38 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:qZyVL7Tn+7ugr5H0zZH+mVbMK4ZRDP06zfLm:QyVL7Tvgd0zZemVkDPtzDm

Entry address:
0x1548E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
80 KB (81,920 bytes)

Remove pfgaxzgflt - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.