video.exe

Onur Karagoz

The executable video.exe has been detected as malware by 27 anti-virus scanners.
Publisher:
Onur Karagoz  (signed and verified)

Version:
1.0.0.0

MD5:
856751c0ddda7ad70ae75f0041738294

SHA-1:
19cc969dbe3ba18b6863b245d01e02d774956d86

SHA-256:
39c35175e8fd753c38b7f77cd4e7b5ea1b5fd9d0158af3af606a2ccbdffce4d9

Scanner detections:
27 / 68

Status:
Malware

Analysis date:
12/25/2024 4:13:10 AM UTC  (today)

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Generic.12384708 | 315 |
| Agnitum Outpost | Trojan.Bamgadin | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Balamid | 2015.04.09 |
| Avira AntiVirus | TR/Dropper.MSIL.101715 | 3.6.1.96 |
| AVG | MSIL5 | 2017.0.2793 |
| Bitdefender | Trojan.Generic.12384708 | 1.0.20.430 |
| Comodo Security | UnclassifiedMalware | 21695 |
| Emsisoft Anti-Malware | Trojan.Generic.12384708 | 8.16.03.26.03 |
| ESET NOD32 | MSIL/Bamgadin (variant) | 10.11444 |
| Fortinet FortiGate | MSIL/Bamgadin.E!tr | 3/26/2016 |
| F-Secure | Trojan.Generic.12384708 | 11.2016-26-03_7 |
| G Data | Trojan.Generic.12384708 | 16.3.25 |
| IKARUS anti.virus | Trojan.MSIL.Bamgadin | t3scan.1.8.9.0 |
| K7 AntiVirus | Trojan | 13.202.15530 |
| Kaspersky | Trojan.MSIL.Agent | 14.0.0.459 |
| McAfee | RDN/Generic.dx!d2d | 5600.6449 |
| Microsoft Security Essentials | TrojanClicker:MSIL/Balamid.B | 1.1.11502.0 |
| MicroWorld eScan | Trojan.Generic.12384708 | 17.0.0.258 |
| Norman | Troj_Generic.YAVZT | 11.20160326 |
| nProtect | Trojan.Generic.12384708 | 15.04.07.01 |
| Panda Antivirus | Trj/CI.A | 16.03.26.03 |
| Qihoo 360 Security | Trojan.Generic | 1.0.0.1015 |
| Quick Heal | TrojanClicker.Balamid.r4 | 3.16.14.00 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_GEN.R047C0DA415 | 7.2.86 |
| Trend Micro | TROJ_GEN.R047C0DA415 | 10.465.26 |
| VIPRE Antivirus | Trojan.Win32.Generic | 39176 |

File size:
118.8 KB (121,616 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2014

Original file name:
HDPLAYER.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\video.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
11/13/2014 2:00:00 AM

Valid to:
11/14/2015 1:59:59 AM

Subject:
CN=Onur Karagoz, O=Onur Karagoz, STREET=UĞURMUMCU MAH. UĞURMUMCU CAD., STREET=184 ÇATIEVLER SİTESİ, STREET=BLOK:C D:210, L=Ankara, S=Yenimahalle, PostalCode=06370, C=TR

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00CD82F99CAD17F58E443C98C1BD258CBA

File PE Metadata
Compilation timestamp:
12/5/2014 4:34:51 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:CnIujTd8BHPWnYutqTMyvzAboXOUHlB8IW3+uMVB8I3NXJW:APdxnrtqhzAbAOulB1W36B13NXJW

Entry address:
0x18E1E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
5.5664

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
92 KB (94,208 bytes)
