» stub.exe
Overview
Analysis
File Details

stub.exe

stubbbbf

The application stub.exe has been detected as a potentially unwanted program by 25 anti-malware scanners.

File name:

stub.exe

Product:

stubbbbf

Version:

1.0.0.0

MD5:

24d8b80189bfa41bebe9e0bda0d5a2fb

SHA-1:

a193f31a7e7130d556474e59f89fe7efa3802b1c

SHA-256:

e80ee8c2f46abea07258c7f6c7b8f70f791ea7e53b81e966f25bb9b0cdb54fa0

Scanner detections:

25 / 68

Status:

Potentially unwanted

Analysis date:

4/1/2025 7:57:05 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Barys.9258

-40

Agnitum Outpost

Trojan.Injector

7.1.1

Avira AntiVirus

TR/Dropper.Gen

8.3.1.6

avast!

MSIL:Bladabindi-CI [Trj]

2014.9-170315

AVG

Inject

2018.0.2438

Baidu Antivirus

Adware.Win32.Agent

4.0.3.17315

Bitdefender

Gen:Variant.Barys.9258

1.0.20.370

Comodo Security

UnclassifiedMalware

22160

Emsisoft Anti-Malware

Gen:Variant.Barys.9258

8.17.03.15.04

ESET NOD32

MSIL/Injector.AEL (variant)

11.11643

Fortinet FortiGate

MSIL/Injector.AEL

3/15/2017

F-Prot

W32/MSIL_Troj.DL.gen

v6.4.7.1.166

F-Secure

Gen:Variant.Barys.9258

11.2017-15-03_4

G Data

Gen:Variant.Barys.9258

17.3.25

IKARUS anti.virus

Backdoor.Win32.DarkKomet

t3scan.1.8.9.0

Kaspersky

UDS:DangerousObject.Multi.Generic

14.0.0.-1313

McAfee

Artemis!24D8B80189BF

5600.6094

MicroWorld eScan

Gen:Variant.Barys.9258

18.0.0.222

NANO AntiVirus

Trojan.Win32.AEL.darwcu

0.30.24.1357

Norman

Troj_Generic.LYXPE

11.20170315

Panda Antivirus

Generic Malware

17.03.15.04

Qihoo 360 Security

Win32/Trojan.Multi.daf

1.0.0.1015

Sophos

Mal/Generic-S

4.98

Vba32 AntiVirus

Malware-Cryptor.MSIL.gen.1

3.12.26.4

VIPRE Antivirus

Trojan.Win32.Generic

40338

File size:

37 KB (37,888 bytes)

Product version:

1.0.0.0

Original file name:

stub.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\stub.exe

File PE Metadata

Compilation timestamp:

6/12/2013 5:26:57 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

Entry address:

0xA2DE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

5.3641

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

33 KB (33,792 bytes)

Remove stub.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.