» servicos_notas_br_autentica_nfiscal_elet.exe
Overview
Analysis
File Details
Downloads (1)

servicos_notas_br_autentica_nfiscal_elet.exe

Live Secure o

Live Secure

The executable servicos_notas_br_autentica_nfiscal_elet.exe has been detected as malware by 19 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.sugarsync.com.

File name:

Publisher:

Live Secure

Product:

Live Secure o

Description:

Live Secure a

Version:

1.2.0.0

MD5:

1b4c7006cbdfa25c65fe8a4a05908849

SHA-1:

d87a0d341ea5099a854a1da8c8674092ed9aff15

SHA-256:

ff7e552d7d9300a806a07e17a2a383c8712dff1ff3b76027b0588c1ecc67e4df

Scanner detections:

19 / 68

Status:

Malware

Analysis date:

11/15/2024 9:46:44 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Symmi.61752

184

Avira AntiVirus

TR/Proxy.zgvk

8.3.3.4

Arcabit

Trojan.Symmi.DF138

1.0.0.669

avast!

Win32:Malware-gen

2014.9-160803

Bitdefender

Gen:Variant.Symmi.61752

1.0.20.1080

Emsisoft Anti-Malware

Gen:Variant.Symmi.61752

8.16.08.03.12

ESET NOD32

Win32/TrojanDownloader.Banload.WPJ (variant)

10.13349

Fortinet FortiGate

W32/Banload.VYA!tr.dldr

8/3/2016

G Data

Gen:Variant.Symmi.61752

16.8.25

IKARUS anti.virus

Trojan-Downloader.Win32.Banload

t3scan.2.0.9.0

K7 AntiVirus

Trojan-Downloader

13.221.19328

Kaspersky

Trojan.Win32.Scar

14.0.0.-193

McAfee

Artemis!1B4C7006CBDF

5600.6318

MicroWorld eScan

Gen:Variant.Symmi.61752

17.0.0.648

NANO AntiVirus

Trojan.Win32.Banload.ebofhg

1.0.30.7834

Panda Antivirus

Generic Malware

16.08.03.12

Qihoo 360 Security

HEUR/QVM05.1.0000.Malware.Gen

1.0.0.1120

Sophos

Mal/Generic-S

4.98

VIPRE Antivirus

Trojan.Win32.Generic

48714

File size:

3.2 MB (3,337,728 bytes)

Product version:

1.0.0.0

Live Secure t

Trademarks:

Live Secure j

Original file name:

Live Secure l

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\servicos_notas_br_autentica_nfiscal_elet.exe

File PE Metadata

Compilation timestamp:

3/31/2016 8:01:58 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:ZmoJvnNgma+CjkSX/yzQwaaBWuZMdTpd098MF:ZmolnNm9KBeuZMi

Entry address:

0x27A098

Entry point:

55, 8B, EC, 83, C4, F0, B8, E4, DB, 66, 00, E8, B8, 52, D9, FF, A1, 7C, 6A, 68, 00, 8B, 00, E8, 2C, BB, F5, FF, 68, 2C, A1, 67, 00, 6A, 00, E8, 64, 8F, D9, FF, 85, C0, 75, 57, A1, 7C, 6A, 68, 00, 8B, 00, C6, 40, 6F, 00, A1, 7C, 6A, 68, 00, 8B, 00, B2, 01, E8, 23, D8, F5, FF, 8B, 0D, 7C, 67, 68, 00, A1, 7C, 6A, 68, 00, 8B, 00, 8B, 15, F4, BE, 66, 00, E8, 03, BB, F5, FF, 8B, 0D, D4, 67, 68, 00, A1, 7C, 6A, 68, 00, 8B, 00, 8B, 15, A8, B2, 66, 00, E8, EB, BA, F5, FF, A1, 7C, 6A, 68, 00, 8B, 00, E8, 3B, BC, F5... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

2.5 MB (2,592,256 bytes)

The file servicos_notas_br_autentica_nfiscal_elet.exe has been seen being distributed by the following URL.

https://www.sugarsync.com/.../D3196069_178_919514457?directDownload=true

Remove servicos_notas_br_autentica_nfiscal_elet.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.