v2d8tkkoa.exe

The executable v2d8tkkoa.exe has been detected as malware by 35 anti-virus scanners.
MD5: 5a6623d909cafd0d3ff474afa79ecaa3
SHA-1: bba069d7e3893288c6b58f54f6782c32518ce8c7
SHA-256: 86d830e1aca4257903a1b657920ea097cf0025a91f1d253dc926240adc4a2fb4
Scanner detections: 35 / 68
Status: Malware
Analysis date: 11/29/2024 4:36:02 AM UTC  (today)

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Razy.116120 | -41 |
| AegisLab AV Signature | Troj.Ransom.W32.Zerber!c | 2.1.4+ |
| AhnLab V3 Security | Trojan/Win32.Cerber.C1724262 | 3.8.3.16 |
| Avira AntiVirus | TR/Crypt.ZPACK.mbgdb | 8.3.3.4 |
| Arcabit | Trojan.Razy.D1C598 | 1.0.0.795 |
| avast! | Win32:Malware-gen | 2014.9-170316 |
| AVG | Atros4 | 2018.0.2437 |
| Baidu Antivirus | Win32.Trojan.Kryptik | 4.0.3.17316 |
| Bitdefender | Gen:Variant.Razy.116120 | 1.0.20.375 |
| Comodo Security | TrojWare.Win32.Filecoder.CB | 26527 |
| Dr.Web | Trojan.Encoder.7453 | 9.0.1.075 |
| Emsisoft Anti-Malware | Gen:Variant.Razy.116120 | 8.17.03.16.01 |
| ESET NOD32 | Win32/Kryptik.FMEU (variant) | 11.14865 |
| Fortinet FortiGate | W32/Kryptik.FMQC!tr | 3/16/2017 |
| F-Prot | W32/S-66927795 | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Razy.116120 | 11.2017-16-03_5 |
| G Data | Gen:Variant.Razy.116120 | 17.3.25 |
| IKARUS anti.virus | Trojan.Win32.Crypt | 0.1.3.4 |
| K7 AntiVirus | Trojan | 13.2422282 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.-1318 |
| Malwarebytes | Ransom.Cerber | v2017.03.16.01 |
| McAfee | Ransomware-FSA!5A6623D909CA | 5600.6093 |
| Microsoft Security Essentials | Ransom:Win32/Cerber | 1.1.13407.0 |
| MicroWorld eScan | Gen:Variant.Razy.116120 | 18.0.0.225 |
| NANO AntiVirus | Trojan.Win32.Zerber.ekbzig | 1.0.70.14475 |
| Panda Antivirus | Trj/GdSda.A | 17.03.16.01 |
| Qihoo 360 Security | Win32/Trojan.Ransom.086 | 1.0.0.1120 |
| Quick Heal | Ransom.Genasom | 3.17.14.00 |
| Rising Antivirus | Trojan.Kryptik!1.A722-qP2IZJy4aqQ (cloud) | 23.00.65.17314 |
| Sophos | Mal/Cerber-K | 4.98 |
| Trend Micro House Call | Ransom_CERBER.F117A2 | 7.2.75 |
| Trend Micro | Ransom_CERBER.F117A2 | 10.465.16 |
| VIPRE Antivirus | Trojan.Win32.Generic | 55664 |
| ViRobot | Trojan.Win32.Z.Zerber.560307.A[h] | 2014.3.20.0 |
| Zillya! Antivirus | Trojan.Zerber.Win32.691 | 2.0.0.3192 |

File size: 547.2 KB (560,307 bytes)
File type: Executable application (Win32 EXE)
Common path: C:\users\{user}\appdata\local\temp\v2d8tkkoa.exe

File PE Metadata
Compilation timestamp: 12/27/2016 7:26:30 PM
OS version: 5.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 9.0
Entry address: 0x6B840

Entry point:
55, 8B, EC, 83, EC, 24, 57, 8B, 45, F8, 8B, 4D, F8, D3, E8, 89, 45, F8, FF, 15, A0, D3, 46, 00, 68, D8, 99, 48, 00, FF, 15, 40, D2, 46, 00, 8B, 4D, F8, 03, 4D, F8, 89, 4D, F8, 8B, 55, F8, 2B, 55, F8, 89, 55, F8, 8B, 45, F8, 50, FF, 15, 6C, D5, 46, 00, C7, 45, EC, E0, 99, 48, 00, 6A, 00, 68, 80, 00, 00, 00, 6A, 03, 6A, 00, 6A, 03, 6A, 01, 8B, 4D, EC, 51, FF, 15, 60, D4, 46, 00, 89, 45, E8, 83, 7D, E8, FF, 74, 10, 83, 7D, E8, 00, 74, 0A, B8, 42, 00, 00, 00, E9, 9F, 02, 00, 00, 8B, D2, 8B, 55, 08, 8B, D2, 89...

Entropy: 5.7311
Developed / compiled with: Microsoft Visual C++
Code size: 429.5 KB (439,808 bytes)
