» reader.exe
Overview
Analysis
File Details

reader.exe

erggergerger

tuytyjtytyj

The executable reader.exe has been detected as malware by 34 anti-virus scanners.

File name:

reader.exe

Publisher:

tuytyjtytyj

Product:

erggergerger

Version:

6.0

MD5:

622f83ce8db61b91f9e34cc6cda091fa

SHA-1:

1dfbe8aa690ff6d4e52bcae57d9b9be520076577

SHA-256:

ad8cdf310f304a101dcfe0bf7517bc9c5379c137bdca135b69149d5038ddfa19

Scanner detections:

34 / 68

Status:

Malware

Analysis date:

4/1/2025 8:02:03 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Encpk.Gen.4

-40

AhnLab V3 Security

Trojan/Win32.Generic.N1073291070

3.7.5.15

Avira AntiVirus

TR/Spy.ZBot.rkvh

8.3.3.4

Arcabit

Trojan.Encpk.Gen.4

1.0.0.772

avast!

Win32:Fareit-LS [Trj]

2014.9-170315

AVG

PSW.Generic12

2018.0.2438

Baidu Antivirus

Win32.Trojan.WisdomEyes.151026.9950

4.0.3.17315

Bitdefender

Trojan.Encpk.Gen.4

1.0.20.370

Comodo Security

TrojWare.Win32.Injector.AVXY

25722

Dr.Web

Trojan.PWS.Stealer.4118

9.0.1.074

Emsisoft Anti-Malware

Trojan.Encpk.Gen

8.17.03.15.12

ESET NOD32

Win32/Injector.AUTR (variant)

11.14085

Fortinet FortiGate

W32/Tepfer.AAX!tr.pws

3/15/2017

F-Secure

Trojan.Encpk.Gen.4

11.2017-15-03_4

G Data

Trojan.Encpk.Gen

17.3.25

IKARUS anti.virus

Trojan-PWS.Win32.Fareit

t3scan.2.1.6.0

K7 AntiVirus

Riskware

13.238.20803

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.-1313

Malwarebytes

Spyware.PasswordStealer.ED

v2017.03.15.12

McAfee

PWS-Zbot-FAQD!622F83CE8DB6

5600.6094

Microsoft Security Essentials

Trojan:Win32/Nadeomi.A

1.1.13000.0

MicroWorld eScan

Trojan.Encpk.Gen.4

18.0.0.222

NANO AntiVirus

Trojan.Win32.Fareit.csjojv

1.0.38.8984

Panda Antivirus

Trj/CI.A

17.03.15.12

Qihoo 360 Security

HEUR/Malware.QVM05.Gen

1.0.0.1120

Quick Heal

Worm.Gamarue.I5

3.17.14.00

Rising Antivirus

Malware.Generic!UtYoP4EBBGC@4 (thunder)

23.00.65.17313

Sophos

Mal/Necurs-I

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-FalComp

8534

Trend Micro House Call

TSPY_ZBOT.SM51

7.2.74

Trend Micro

TSPY_ZBOT.SM51

10.465.15

Vba32 AntiVirus

TrojanPSW.Fareit

3.12.26.4

VIPRE Antivirus

Trojan.Win32.Tepfer.aax

52138

Zillya! Antivirus

Trojan.Fareit.Win32.5496

2.0.0.3043

File size:

86.6 KB (88,710 bytes)

Product version:

6.0

File type:

Executable application (Win32 EXE)

Language:

German (Luxembourg)

Common path:

C:\users\{user}\appdata\local\openmin\reader.exe

File PE Metadata

Compilation timestamp:

1/5/2014 8:45:31 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.21

Entry address:

0x1000

Entry point:

68, 34, 0F, 00, 00, 68, 00, 00, 00, 00, 68, A0, 9A, 40, 00, E8, 5C, 30, 00, 00, 83, C4, 0C, 68, 00, 00, 00, 00, E8, 55, 30, 00, 00, A3, A4, 9A, 40, 00, 68, 00, 00, 00, 00, 68, 00, 10, 00, 00, 68, 00, 00, 00, 00, E8, 42, 30, 00, 00, A3, A0, 9A, 40, 00, E8, BC, 2F, 00, 00, E8, 37, 58, 00, 00, E8, DD, 56, 00, 00, E8, 1D, 51, 00, 00, E8, FF, 48, 00, 00, E8, C6, 40, 00, 00, E8, F4, 3F, 00, 00, E8, 6A, 3F, 00, 00, E8, BD, 3E, 00, 00, E8, 12, 3E, 00, 00, E8, 06, 3D, 00, 00, E8, 15, 34, 00, 00, EB, 00, 68, BC, A9... 
[+]

Entropy:

6.9500

Packer / compiler:

PKLITE32, 0x1.1

Code size:

771 Bytes (771 bytes)

Remove reader.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.