home

projet 102.exe

.NET Detector Tool

RAYMONDCC TECH

The executable projet 102.exe, “Check which .NET Framework is installed” has been detected as malware by 3 anti-virus scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software.
Publisher:
RAYMONDCC TECH  (signed and verified)

Product:
.NET Detector Tool

Description:
Check which .NET Framework is installed

Version:
1,0

MD5:
abd3ff14947dfe770d1b5b744355b527

SHA-1:
abd13a192db90ab00794bf6edcf0de7152b1a4a6

SHA-256:
3a24a23a1eddaf470938815026e60dac1da562f381d64a90fa1a58902ca41898

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
11/27/2024 9:33:22 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
MSIL/Kryptik.HSD (variant)
10.14435

G Data
MSIL.Trojan.Injector.KA
16.11.25

Microsoft Security Essentials
Backdoor:Win32/Fynloski
1.1.13202.0

File size:
690.1 KB (706,696 bytes)

Product version:
1,0

File type:
Executable application (Win32 EXE)

Language:
English

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\projet 102.exe

Digital Signature
Signed by:
RAYMONDCC TECH

Authority:
COMODO CA Limited

Valid from:
12/15/2011 12:00:00 AM

Valid to:
12/14/2016 11:59:59 PM

Subject:
CN=RAYMONDCC TECH, O=RAYMONDCC TECH, STREET=5 TINGKAT 7 BLOK 18, STREET=HALAMAN TEMBAGA, L=GEORGETOWN, S=PULAU PINANG, PostalCode=11600, C=MY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
486C353F4CC198096BEBB9CA37B5ACBF

File PE Metadata
Compilation timestamp:
11/12/2016 6:50:25 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:S2RQL2oIQBP7M/H2Q87urp4JALE14VYFiGB/acLNN7PEW8T5/CrLWYaTfgP7D7Mg:lRQNjM/H2T724JAw14KFtTn7PTk56rLX

Entry address:
0xA663E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
658 KB (673,792 bytes)

Remove projet 102.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.