» System_Checker_v3-50.exe
Overview
Analysis
File Details
Downloads (1)

System_Checker_v3-50.exe

The executable System_Checker_v3-50.exe has been detected as malware by 12 anti-virus scanners. The file has been seen being downloaded from esd-crm.csd.disa.mil.

File name:

Version:

0.0.0.0

MD5:

eb42ac2ac42a8afc9d7d456e29188695

SHA-1:

c1574c2721a9f49835ef042d003472ed899c550f

SHA-256:

9af6cd4e40b87b6b162b93b5d738fdde75520f3abb60e3766778c5849e4dba6c

Scanner detections:

12 / 68

Status:

Malware

Analysis date:

12/28/2024 12:57:35 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.15298041

415

Avira AntiVirus

TR/Dropper.Gen2

8.3.2.4

Arcabit

Trojan.Generic.DE96DF9

1.0.0.624

avast!

Win32:Malware-gen

2014.9-151217

Bitdefender

Trojan.Generic.15298041

1.0.20.1755

Emsisoft Anti-Malware

Trojan.Generic.15298041

8.15.12.17.11

F-Secure

Trojan.Generic.15298041

11.2015-17-12_5

G Data

Trojan.Generic.15298041

15.12.25

IKARUS anti.virus

Trojan.Dropper

t3scan.1.9.5.0

MicroWorld eScan

Trojan.Generic.15298041

16.0.0.1053

nProtect

Trojan.Generic.15298041

15.11.27.01

Qihoo 360 Security

HEUR/QVM03.0.Malware.Gen

1.0.0.1077

File size:

660 KB (675,840 bytes)

Product version:

0.0.0.0

Original file name:

System_Checker_v3-50.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\the journey final\system_checker_v3-50.exe

File PE Metadata

Compilation timestamp:

5/26/2015 8:37:30 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

12288:L4o4Zx+TKrBNdALgHyagSu0nRQuXyb7tGy9/Q:cya7

Entry address:

0xA342E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

3.8275

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

648 KB (663,552 bytes)

The file System_Checker_v3-50.exe has been seen being distributed by the following URL.

https://esd-crm.csd.disa.mil/ci/fattach/get/250373/0/.../System_Checker_v3-50.exe

Remove System_Checker_v3-50.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.