» security_cleaner.exe
Overview
Analysis
File Details
Downloads (1)

security_cleaner.exe

FlashJester Jugglor Engine

3rd Eye Solutions

The application security_cleaner.exe, “FlashJester Jugglor Engine ” has been detected as a potentially unwanted program by 24 anti-malware scanners. The file has been seen being downloaded from qgjrxcss.bounceme.net.

File name:

Publisher:

3rd Eye Solutions

Product:

FlashJester Jugglor Engine

Description:

FlashJester Jugglor Engine

Version:

1.1.0.0

MD5:

d8d44862b32a7b58130669b760925273

SHA-1:

a30674bdbf2788712d148f514a80006be8a81ddf

SHA-256:

027591140853622e63283c3cbad08a501b8d932653b520982641c2d342b76838

Scanner detections:

24 / 68

Status:

Potentially unwanted

Analysis date:

11/24/2024 7:52:45 AM UTC (today)

Scan engine

Detection

Engine version

AhnLab V3 Security

Trojan/Win32.Blocker

2013.08.23

Avira AntiVirus

TR/Crypt.EPACK.4654

7.11.97.198

avast!

Win32:FakeAV-ETJ [Trj]

2014.9-151213

AVG

Generic_s

2016.0.2897

Bitdefender

Trojan.GenericKDZ.22873

1.0.20.1735

Comodo Security

TrojWare.Win32.Kryptik.BEB

16804

Dr.Web

Trojan.Winlock.9115

9.0.1.0347

Emsisoft Anti-Malware

Trojan.GenericKDZ.22873

8.15.12.13.07

ESET NOD32

Win32/Adware.SystemSecurity.AL

9.8716

G Data

Trojan.GenericKDZ.22873

15.12.22

IKARUS anti.virus

Trojan-Ransom.Win32.Blocker

t3scan.2.0.127

Kaspersky

Trojan-Ransom.Win32.Blocker

14.0.0.978

Malwarebytes

Trojan.FakeAV

v2015.12.13.07

McAfee

Fake-SecTool-FPE!D8D44862B32A

5600.6553

Microsoft Security Essentials

Rogue:Win32/Winwebsec

1.163.1557.0

MicroWorld eScan

Trojan.GenericKDZ.22873

16.0.0.1041

NANO AntiVirus

Trojan.Win32.Blocker.bwipif

0.26.0.53954

Norman

Hlux.GM

11.20151213

Panda Antivirus

Trj/Ransom.AB

15.12.13.07

Total Defense

Win32/Winwebsec.JSBAUJ

37.0.10498

Trend Micro House Call

TROJ_GEN.R0CBC0DG413

7.2.347

Trend Micro

TROJ_GEN.R0CBC0DG413

10.465.13

Vba32 AntiVirus

Malware-Cryptor.Mystig

3.12.22.3

VIPRE Antivirus

Trojan.Win32.Winwebsec.z

20768

File size:

461 KB (472,064 bytes)

Product version:

1.1.0.0

Original file name:

Magic Balls - MiniClip.com.exe

File type:

Executable application (Win32 EXE)

Language:

English (United Kingdom)

Common path:

C:\users\{user}\downloads\security_cleaner.exe

File PE Metadata

Compilation timestamp:

6/19/1992 6:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:tRpIaBom13kevsHwwi+9FrPlIW/tWqfAy:HGO1H0Hji+XrNh9

Entry address:

0xA123

Entry point:

33, C9, EB, 03, CC, 33, C9, BB, 00, 00, 00, 00, BE, 00, 00, 00, 00, 8D, BB, 00, 41, 7A, 00, 57, 33, C9, 81, F9, 00, 00, F0, 01, 0F, 84, FF, 00, 00, 00, 81, F9, 11, 10, 30, 00, 33, C0, 81, F9, 23, 23, 30, 00, 0F, 85, E5, 00, 00, 00, 5E, 81, EE, 00, 00, 02, 00, 8B, FE, B0, 90, B9, 00, 00, 02, 00, 56, BB, 00, 00, 00, 00, BE, 00, 00, 00, 00, 8D, BB, 00, 41, 7A, 00, B9, 73, 43, 00, 00, BB, 00, 70, 40, 00, 03, F3, 83, F9, 00, 74, 1A, 51, B9, 00, 00, 00, 00, 8D, 04, 31, 0F, B6, 00, 90, AA, 46, 59, 83, C7, 04, 83... 
[+]

Entropy:

7.4191

Code size:

47 KB (48,128 bytes)

The file security_cleaner.exe has been seen being distributed by the following URL.

http://qgjrxcss.bounceme.net/index.php?c=RaEQL35Qhmk/.../dvS4W6OHoNeiW k=

Remove security_cleaner.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.