radio.exe

DVDPlayerProject

The executable radio.exe has been detected as malware by 7 anti-virus scanners. While running, it connects to the Internet address 188.ip-149-202-33.eu on port 8890.
Publisher:
Microsoft*  (Invalid match)

Product:
DVDPlayerProject

Version:
1.00

MD5:
34743d7bfb00e3d45ed6f1f2655846e5

SHA-1:
8f1652923a7f91495317e3ebc632bab9c10793f7

Scanner detections:
7 / 68

Status:
Malware

Analysis date:
12/27/2024 2:34:41 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Avira AntiVirus | TR/ATRAPS.Gen | 7.11.102.228 |
| Bitdefender | Gen:Variant.Kazy.62483 | 1.0.20.860 |
| IKARUS anti.virus | Trojan.ATRAPS | t3scan.2.0.127 |
| McAfee | Artemis!34743D7BFB00 | 5600.7092 |
| Norman | Suspicious_Gen4.CAIWR | 11.20140621 |
| Trend Micro House Call | TROJ_GEN.RCBH1KH | 7.2.172 |
| VIPRE Antivirus | Trojan.Win32.Generic | 21558 |

File size:
24 KB (24,576 bytes)

Product version:
1.00

Original file name:
radio.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\oyunpiyat 3.0\radio.exe

File PE Metadata
Compilation timestamp:
4/27/2005 1:30:55 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
192:gjpdD++NeBNhLW9QKVWRYa89pSdr4jWUE7D:gjHBeBvW9QKURY9Edr4jW/7

Entry address:
0x126C

Entry point:
68, 3C, 1E, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 48, 00, 00, 00, 00, 00, 00, 00, 98, 52, 31, ED, 19, 64, F2, 41, BE, 67, EF, F8, 55, E9, F0, DF, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 44, 56, 44, 50, 6C, 61, 79, 65, 72, 50, 72, 6F, 6A, 65, 63, 74, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 03, F6, 59, A0, 95, 35, 88, E5, 43, AA, 21, 1F, 60, AA, D2, C9, 26, E8, 3B, 8A, 98, 08, A5, 22, 44, 8F, 5B, D3, AA, EC, 71, CD, 08, 3A, 4F, AD...
 

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
12 KB (12,288 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to ns371251.ip-5-135-136.eu  (5.135.136.208:80)

TCP:
Connects to 188.ip-149-202-33.eu  (149.202.33.188:8890)
