system77.exe

The executable system77.exe has been detected as malware by 36 anti-virus scanners. It is a setup program used to install the application. This backdoor trojan may be used to conduct distributed denial-of-service attacks, to install additional trojans or other forms of malicious software, and to steal sensitive information. The file has been seen being downloaded from s1.directxex.com.
MD5:
615a2c1bc3e53e000ee95e9806cf265b

SHA-1:
82aad30d87fc5983ee11062a4635451d13f614f3

SHA-256:
4c19187276ef7772410d0d3cfe0b7b373cad4626dce7e9f8a5ab2f53306b5323

Scanner detections:
36 / 68

Status:
Malware

Analysis date:
11/30/2024 3:25:02 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Zusy.75290 | 786 |
| AegisLab AV Signature | Troj.W32.Gen | 2.1.4+ |
| Agnitum Outpost | Backdoor.Agent | 7.1.1 |
| AhnLab V3 Security | Backdoor/Win32.Bladabindi | 2014.11.06 |
| Avira AntiVirus | TR/Dropper.Gen7 | 7.11.183.62 |
| avast! | MSIL:GenMalicious-AV [Trj] | 2014.9-141210 |
| AVG | PSW.ILUSpy | 2015.0.3264 |
| Baidu Antivirus | Backdoor.MSIL.Agent | 4.0.3.141210 |
| Bitdefender | Gen:Variant.Zusy.75290 | 1.0.20.1720 |
| Comodo Security | Backdoor.MSIL.Bladabindi.A | 19997 |
| Dr.Web | BackDoor.Bladabindi.1056 | 9.0.1.0344 |
| Emsisoft Anti-Malware | Gen:Variant.Zusy.75290 | 8.14.12.10.02 |
| ESET NOD32 | MSIL/Bladabindi.BC (variant) | 8.10675 |
| Fortinet FortiGate | MSIL/Bladabindi.Q!tr | 12/10/2014 |
| F-Prot | W32/MSIL_Bladabindi.G.gen | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Zusy.75290 | 11.2014-10-12_4 |
| G Data | Gen:Variant.Zusy.75290 | 14.12.24 |
| IKARUS anti.virus | Backdoor.MSIL | t3scan.1.8.3.0 |
| K7 AntiVirus | Trojan | 13.185.13888 |
| Kaspersky | Backdoor.MSIL.Agent | 14.0.0.2817 |
| Malwarebytes | Backdoor.NJBot.MSIL | v2014.12.10.02 |
| McAfee | BackDoor-NJRat!615A2C1BC3E5 | 5600.6920 |
| Microsoft Security Essentials | Backdoor:MSIL/Bladabindi.AJ | 1.11104 |
| MicroWorld eScan | Gen:Variant.Zusy.75290 | 15.0.0.1032 |
| NANO AntiVirus | Trojan.Win32.DownLoader11.cxfbrl | 0.28.6.62995 |
| Norman | Bladabindi.JQ | 11.20141210 |
| nProtect | Trojan-Dropper/W32.FrauDrop.24064.Y | 14.11.05.01 |
| Qihoo 360 Security | Win32/Trojan.Dropper.fae | 1.0.0.1015 |
| Quick Heal | Backdoor.Bladabindi.AL3 | 12.14.14.00 |
| Rising Antivirus | PE:Trojan.Win32.Generic.16CC778A!382498698 | 23.00.65.141208 |
| Sophos | Troj/DotNet-P | 4.98 |
| SUPERAntiSpyware | Trojan.Agent/Gen-Bladabindi | 10186 |
| Vba32 AntiVirus | Backdoor.MSIL.Agent | 3.12.26.3 |
| VIPRE Antivirus | Backdoor.MSIL.Bladabindi.a | 34536 |
| ViRobot | Trojan.Win32.S.Bladabindi.24064.BQP | 2011.4.7.4223 |
| Zillya! Antivirus | Trojan.Disfa.Win32.10564 | 2.0.0.1976 |

File size:
23.5 KB (24,064 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\system77.exe

File PE Metadata
Compilation timestamp:
5/31/2014 12:10:50 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:DV8aZYC9twBNdcvFaly2H0dPJo6XghcASEJqc/ZmRvR6JZlbw8hqIusZzZh4:DdY+sNKqNHbSdRpcnu1

Entry address:
0x748E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
21.5 KB (22,016 bytes)

The file system77.exe has been seen being distributed by the following URL.
