setdbro.exe

The application setdbro.exe has been detected as a potentially unwanted program by 11 anti-malware scanners. The file has been observed being downloaded from dgq0t2nte1tmh.cloudfront.net.
Version:
1.0.1.0

MD5:
7f8b69a89c37201102f15db207287d72

SHA-1:
1cb2dcec58f2ac2709e06d83a0b7961b404fd9de

SHA-256:
32f42ea7a22adc202e0fa5991ea5b518a9ace2921c5e24ea9ebdf7bd7b79d333

Scanner detections:
11 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 7:24:34 PM UTC

Scan engine             Detection                            Engine version
Lavasoft Ad-Aware       Gen:Variant.Kazy.774535              413
Arcabit                 Trojan.Kazy.DBD187                   1.0.0.629
Bitdefender             Gen:Variant.Kazy.774535              1.0.20.1765
Emsisoft Anti-Malware   Gen:Variant.Kazy.774535              8.15.12.19.08
G Data                  Gen:Variant.Kazy.774535              15.12.25
Malwarebytes            PUP.Optional.WinYahoo                v2015.12.19.08
MicroWorld eScan        Gen:Variant.Kazy.774535              16.0.0.1059
Quick Heal              (Suspicious) - DNAScan               11.15.14.00
Rising Antivirus        PE:Malware.Generic/QRS!1.9E2D [F]    23.00.65.151217
SUPERAntiSpyware        PUP.WinYahoo/Variant                 9438
Zillya! Antivirus       Adware.AdService.Win32.332           2.0.0.2568

File size:
129 KB (132,096 bytes)

Product version:
1.0.1.0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\setdbro.exe

File PE Metadata
Compilation timestamp:
11/10/2015 3:07:02 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
14.0

CTPH (ssdeep):
3072:7Mt55RfKeUHZnKZwsvRkrORcLOWHzZzAFx/Ew/j/FLj:gt5PyeCnK+NrNOAHQR

Entry address:
0x3EF8

Entry point:
E8, B1, 03, 00, 00, E9, 7A, FE, FF, FF, 55, 8B, EC, 6A, 00, FF, 15, 10, 90, 41, 00, FF, 75, 08, FF, 15, 0C, 90, 41, 00, 68, 09, 04, 00, C0, FF, 15, 14, 90, 41, 00, 50, FF, 15, 18, 90, 41, 00, 5D, C3, CC, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, 9F, 3A, 01, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, C0, 08, 42, 00, 89, 0D, BC, 08, 42, 00, 89, 15, B8, 08, 42, 00, 89, 1D, B4, 08, 42, 00, 89, 35, B0, 08, 42, 00, 89, 3D, AC, 08, 42, 00, 66, 8C, 15, D8, 08, 42, 00, 66, 8C, 0D, CC, 08, 42, 00, 66, 8C, 1D...
 

Entropy:
6.5403

Code size:
94 KB (96,256 bytes)

The file setdbro.exe has been seen being distributed by the following URL.

Remove setdbro.exe - Powered by Reason Core Security