» timer by momento fenixzone.exe
Overview
Analysis
File Details

timer by momento fenixzone.exe

Salung International Corporation

The executable timer by momento fenixzone.exe has been detected as malware by 13 anti-virus scanners.

File name:

Publisher:

Salung International Corporation (signed and verified)

MD5:

5055a53b49edeaad090fe5884fa9c704

SHA-1:

9c890691f6863b3a17ef1f145fa413ab70d5dbe7

Scanner detections:

13 / 68

Status:

Malware

Analysis date:

11/24/2024 7:58:02 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Dropper.MSIL.oeoa

8.3.3.4

avast!

Win32:Malware-gen

2014.9-160907

Baidu Antivirus

MSIL.Trojan.Kryptik

4.0.3.1697

ESET NOD32

MSIL/Kryptik.GMK (variant)

10.13768

Fortinet FortiGate

MSIL/Kryptik.GMK!tr

9/7/2016

IKARUS anti.virus

Trojan.MSIL.Inject

t3scan.2.1.6.0

K7 AntiVirus

Trojan

13.232.20170

Malwarebytes

Backdoor.Bot

v2016.09.07.11

McAfee

Trojan-FIGV!5055A53B49ED

5600.6284

Microsoft Security Essentials

Backdoor:Win32/Kirts.A

1.1.12902.0

Qihoo 360 Security

QVM03.0.Malware.Gen

1.0.0.1120

Sophos

Mal/Generic-S

4.98

VIPRE Antivirus

Trojan.Win32.Generic

50676

File size:

337.5 KB (345,640 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Documents and Settings\{user}\My documents\downloads\timer by momento fenixzone.exe

Digital Signature

Signed by:

Salung International Corporation

Authority:

Salung International Corporation

Valid from:

6/25/2016 1:45:36 AM

Valid to:

6/26/2026 1:45:36 AM

Subject:

E=sales@salung.com, CN=www.salung.com, OU=Sales Department, O=Salung International Corporation, L=Columbus, S=Ohio, C=US

Issuer:

E=sales@salung.com, CN=www.salung.com, OU=Sales Department, O=Salung International Corporation, L=Columbus, S=Ohio, C=US

Serial number:

00866E0A24F3686932

File PE Metadata

Compilation timestamp:

6/25/2016 7:22:31 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

6144:kcuYGuTHiHWR2guXUjfgFqosIgR6o5LKzrV7krZgg1U3Z/tfSqErW6czP6jX3ZKv:kONVNjfgPsTRxkB7k97aSqErW6czP6ju

Entry address:

0x5410E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

328.5 KB (336,384 bytes)

Remove timer by momento fenixzone.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.