home

re4per crypt.exe

Salung International Corporation

Publisher:
Salung International Corporation  (signed and verified)

MD5:
98bf0f3992364136779f0dbb4d2776c1

SHA-1:
e175790092bd90779c4ec17c4ad6a5154066a4af

SHA-256:
7c7bff2c69a106bb0bf01799d2fdfb823b501389e39f5b174d08c65f0fd569c1

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/24/2024 7:26:41 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
MSIL/Kryptik.GMF trojan
8.0.319.0

File size:
429.5 KB (439,848 bytes)

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
Salung International Corporation

Authority:
Salung International Corporation

Valid from:
6/25/2016 6:45:36 AM

Valid to:
6/26/2026 6:45:36 AM

Subject:
E=sales@salung.com, CN=www.salung.com, OU=Sales Department, O=Salung International Corporation, L=Columbus, S=Ohio, C=US

Issuer:
E=sales@salung.com, CN=www.salung.com, OU=Sales Department, O=Salung International Corporation, L=Columbus, S=Ohio, C=US

Serial number:
00866E0A24F3686932

File PE Metadata
Compilation timestamp:
6/26/2016 4:49:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:dwjPIBdeTGG91bPcJUpKSKfgUyIE72dz969lY9bHY120ilNaPwy/2mAGhi:dwTNG28UpRp1AZ69e9zY12uPwQhi

Entry address:
0x64F9E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 03, 00, 00, 00, 20, 00, 00, 80, 0E, 00, 00, 00, 38, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
396 KB (405,504 bytes)

Scan re4per crypt.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.