RsDDoser.exe

Publisher:
Sun Microsystems

Product:
FeZASWJPAfsBOFUznHEmiADFRdaOvIzVKmpBSEfsphltPu

Description:
RsDDos

Version:
6.42.86.16

MD5:
74f7c275cd2d0e0c265f23f8b2b0222d

SHA-1:
7f736d1e5d37ca3daaafe346fb8c592fb82bf5e9

SHA-256:
c1c7910f27c824db03de468935aae5c379e45fd5aabffe96e85bba72d93aa11f

Scanner detections:
4 / 68

Status:
Inconclusive (not enough data for an accurate detection)

Analysis date:
12/25/2024 4:10:43 PM UTC

Scan engine | Detection | Engine version
Emsisoft Anti-Malware | Trojan.Msil!IK | 8.16.07.17.11
IKARUS anti.virus | Trojan.Msil | t3scan.1.1.107.0
Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.-107
SUPERAntiSpyware | Trojan.Agent/Gen-Falofn[Cont] | 9016

File size:
335.7 KB (343,744 bytes)

Product version:
6.42.86.16

Copyright:
rsmEivXEJtORccTEjgRirJLKfDab

Trademarks:
smlAkdorIDADgLiPRerxVKzJTepbnCvdixBvP

Original file name:
RsDDoser.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\rsddoser.exe

File PE Metadata
Compilation timestamp:
9/1/2011 8:37:31 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:CCFO+00I/pfy/1+W0W6oQt/IYHUng/KdBwcDJQtGqPPPmR56Hpbhs/VaVfinnXU9:dO10kK1Wt/Qn1BwwaGqPPPBVdoXU4/U

Entry address:
0xD6AE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
Entropy:
1.6340

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
48 KB (49,152 bytes)

The file RsDDoser.exe has been seen being distributed by the following URL.
