tibiacast_3_1_58.exe

Njabi

AtomPark Software Inc

The executable tibiacast_3_1_58.exe has been detected as malware by 27 anti-virus scanners.
Publisher:
Stellar Information System Ltd  (signed by AtomPark Software Inc)

Product:
Njabi

Version:
1.00

MD5:
fced1f829ead6294e809786f508add55

SHA-1:
4a4ebd2cc4256d9dd760bd0e3726e30f3b6bc2b8

SHA-256:
cf32b11209fc389190ac58a38f00e9d70909c5e3b4bfd651f00d823283705fb7

Scanner detections:
27 / 68

Status:
Malware

Analysis date:
12/26/2024 4:26:53 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Trojan.GenericKD.3093987 | 296
AegisLab AV Signature | Troj.W32.Vbkryjetor!c | 2.1.4+
Avira AntiVirus | TR/Dropper.VB.52155 | 8.3.3.4
Arcabit | Trojan.Generic.D2F35E3 | 1.0.0.666
avast! | Win32:Malware-gen | 2014.9-160413
AVG | PSW.Generic13 | 2017.0.2774
Bitdefender | Trojan.GenericKD.3093987 | 1.0.20.520
Bkav FE | HW32.Packed | 1.3.0.7744
Emsisoft Anti-Malware | Trojan.GenericKD.3093987 | 8.16.04.13.05
ESET NOD32 | Win32/PSW.Tibia.NIC | 10.13297
Fortinet FortiGate | W32/Injector.CUWV!tr | 4/13/2016
F-Secure | Trojan.GenericKD.3093987 | 11.2016-13-04_4
G Data | Trojan.GenericKD.3093987 | 16.4.25
IKARUS anti.virus | Trojan.Win32.PSW | t3scan.2.0.9.0
K7 AntiVirus | Password-Stealer | 13.221.19241
Kaspersky | Trojan.Win32.VBKryjetor | 14.0.0.366
Malwarebytes | Trojan.PasswordStealer.Tibia | v2016.04.13.05
McAfee | Artemis!FCED1F829EAD | 5600.6430
Microsoft Security Essentials | VirTool:Win32/Injector.FQ | 1.1.12603.0
MicroWorld eScan | Trojan.GenericKD.3093987 | 17.0.0.312
nProtect | Trojan.GenericKD.3093987 | 16.04.07.01
Panda Antivirus | Trj/GdSda.A | 16.04.13.05
Qihoo 360 Security | Win32/Trojan.Dropper.405 | 1.0.0.1120
Rising Antivirus | PE:Malware.Generic/QRS!1.9E2D [F] | 23.00.65.16411
Sophos | Mal/Generic-S | 4.98
Trend Micro | TROJ_GEN.R072C0DCE16 | 10.465.13
VIPRE Antivirus | Trojan.Win32.Generic | 48452

File size:
1.2 MB (1,304,744 bytes)

Product version:
1.00

Original file name:
Diabolism.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\tibiacast_3_1_58.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
7/22/2015 9:00:00 PM

Valid to:
7/21/2016 8:59:59 PM

Subject:
CN=AtomPark Software Inc, O=AtomPark Software Inc, STREET=901 N Pitt str, STREET=Suite 325, L=Alexandria, S=VA, PostalCode=22314, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
009614B25066CEEF978B5B6079B9F0485E

File PE Metadata
Compilation timestamp:
3/9/2016 4:47:57 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:oxaZZNPt+MSNOBLlz4yejDWGLMo7lm6RjoMIGeDliKRXm:ec/PIMSqlz4y79H6Rjo/GeDlJtm

Entry address:
0x104C

Entry point:
68, 7C, 9C, 52, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 19, 3D, 6F, CD, C8, A8, 2A, 4A, 85, 23, 4F, 7E, 56, 21, 63, 57, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 04, 00, 00, 00, 50, 72, 6F, 64, 69, 61, 6C, 6F, 67, 75, 65, 00, 00, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 01, 6E, C0, A0, C0, F7, EE, 16, 4F, B6, DD, 7C, A7, F2, D5, 13, 46, 68, AB, 4E, D3, DB, B9, A4, 41, A0, 1D, C0, E4, 94, 04, 5C, 7D, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
1.2 MB (1,269,760 bytes)
