home

vkontaktedjd-1.exe

Vkontakte DJ Installer

The application vkontaktedjd-1.exe has been detected as a potentially unwanted program by 6 anti-malware scanners. This is a self-extracting archive and installer, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from bun.downloadappscom.biz and multiple other hosts.
Product:
Vkontakte DJ Installer

Version:
1.9.1.25

MD5:
d122317aab388b2f78280dd388a465c2

SHA-1:
da3afc3bfd8f501798caa73ef448fa0183030997

SHA-256:
2874ffa11c57a77bb74d65221884012f3eb61cd693d22cfed2055dcb22cbc495

Scanner detections:
6 / 68

Status:
Potentially unwanted

Analysis date:
11/30/2024 3:49:16 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Rootkit-gen [Rtk]
2014.9-151126

Baidu Antivirus
PUA.MSIL.VKontakteDJ
4.0.3.151126

ESET NOD32
MSIL/VKontakteDJ.A potentially unwanted (variant)
9.12625

IKARUS anti.virus
PUA.MSIL.Vkontaktedj
t3scan.1.9.5.0

K7 AntiVirus
Adware
13.212.17972

McAfee
Artemis!D122317AAB38
5600.6570

File size:
563.5 KB (577,024 bytes)

Product version:
1.9.1.25

Copyright:
Copyright © 2015

Original file name:
DjLoader.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\{00011ff2-0001-0001-0000-000000000000}\vkontaktedjd-1.exe

File PE Metadata
Compilation timestamp:
11/10/2015 5:31:34 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:G6nBtFl4P7qsKQ0jnAt4BknkA3F2ne2scSBtFC:xnJl4DBKQ0jnpBknk62vsTJC

Entry address:
0x6AF4E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
420 KB (430,080 bytes)

The file vkontaktedjd-1.exe has been seen being distributed by the following 2 URLs.

http://bun.downloadappscom.biz/yjwwr21.html??group=vkdjsite&name=Bloodbound-undefined&parameter=btn_artist

http://bun.downloadappscom.biz/yjwwr21.html??group=vkdjsite&name=-undefined&parameter=btn22

Remove vkontaktedjd-1.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.