takshost.exe

Bettis

AtomPark Software Inc

Publisher:
Stellar Information System Ltd  (signed by AtomPark Software Inc)

Product:
Bettis

Version:
1.00

MD5:
d6c724cd90c7238ab2ea3e2ab7424b5d

SHA-1:
41e021b137e8821be89bcf5b3a982245a2e4b8b7

SHA-256:
9981d682fd8471b77b26192f6df52de5acdc7862c6ee7ca3bf1e4e400cd2b3dc

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/26/2024 5:05:57 PM UTC

Scan engine | Detection | Engine version
ESET NOD32 | Win32/Injector.CUAY trojan | 8.0.319.0
Microsoft Security Essentials | Threat.Undefined | 1.221.525.0

File size:
1.3 MB (1,337,512 bytes)

Product version:
1.00

Original file name:
Kumarbhag3.exe

File type:
Executable application (Win32 EXE)

Language:
Catalan (Catalonia)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\takshost.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
7/22/2015 9:00:00 PM

Valid to:
7/21/2016 8:59:59 PM

Subject:
CN=AtomPark Software Inc, O=AtomPark Software Inc, STREET=901 N Pitt str, STREET=Suite 325, L=Alexandria, S=VA, PostalCode=22314, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
009614B25066CEEF978B5B6079B9F0485E

File PE Metadata
Compilation timestamp:
3/8/2016 6:03:11 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:l2B0dUCuacOohuz3MztU4uEbt4+lr+nOMyy0PTgo2V8xum:wBQUCQOohswdbPloyydpm

Entry address:
0x104C

Entry point:
68, 84, BD, 52, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, B6, A5, 4A, A1, F1, 4B, E9, 4A, BE, E9, FA, 40, 6C, 9B, AB, E0, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 31, 44, 32, 2D, 41, 39, 53, 75, 74, 68, 65, 72, 6C, 61, 6E, 64, 00, 34, 44, 41, 31, 7D, 00, 00, 00, 00, FF, CC, 31, 00, 01, 9A, 68, C1, 47, 03, 5D, 9B, 4E, B5, 80, CB, B2, C8, 96, 91, E5, 41, 65, B1, AF, 2C, 88, F0, 4C, 85, 35, 77, 3B, 0E, D4, 89, 77, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
1.2 MB (1,302,528 bytes)
