» screen0161306.scr
Overview
Analysis
File Details

screen0161306.scr

RecA

The file screen0161306.scr has been detected as malware by 1 anti-virus scanner.

File name:

screen0161306.scr

Publisher:

RecA (signed and verified)

MD5:

76bf8507d77a38f2fd291986436bfaef

SHA-1:

1a4a9c3777c2249dc445350dfeb81d606109fa91

SHA-256:

8559ef15ab4a60bed96e33c291e2bee9f85c805c6488b7503c05a556bec341ef

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

11/16/2024 6:59:19 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP (M)

16.11.14.2

File size:

277.4 KB (284,096 bytes)

Common path:

C:\users\{user}\downloads\screen0161306.scr

Digital Signature

Signed by:

RecA

Authority:

RecA

Valid from:

7/3/2016 12:12:39 AM

Valid to:

7/4/2026 12:12:39 AM

Subject:

E=owner@reca.net, CN=www.reca.net, OU=Support Dept, O=RecA, L=Cologne, S=Sortil, C=DE

Issuer:

E=owner@reca.net, CN=www.reca.net, OU=Support Dept, O=RecA, L=Cologne, S=Sortil, C=DE

Serial number:

008FE7E51E617A60CF

File PE Metadata

Compilation timestamp:

7/6/2016 7:45:35 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

6144:lC4k0BcXhZ0Ik/v1dv3cQ2lg5CwLPYoYgnUeZN3ORwTUygJ:e0BcXg/1Fz5xYoHnUmOqT7gJ

Entry address:

0x2E2FE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.2218

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

180 KB (184,320 bytes)

Remove screen0161306.scr - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.