home

xe1q9u4fv.exe

U

The application xe1q9u4fv.exe has been detected as a potentially unwanted program by 11 anti-malware scanners.
Product:
U

Description:
UO%AC

Version:
6.7.7.4

MD5:
8b83ef820f7550b7703610d43a4c0823

SHA-1:
e1861472a3de9a2fe8240ab77a1b6c0ad7c2c95d

SHA-256:
dc26a1e54c180968b6c77a53d4dbd6dfd21f5828b7475a7ea231e32db2429a30

Scanner detections:
11 / 68

Status:
Potentially unwanted

Analysis date:
4/24/2025 12:05:28 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Atros5
2018.0.2438

Baidu Antivirus
Win32.Trojan.WisdomEyes.16070401.9500
4.0.3.17316

Comodo Security
TrojWare.MSIL.Injector.QTZ
26761

Dr.Web
Trojan.DownLoader23.64476
9.0.1.075

ESET NOD32
MSIL/Kryptik.IOF (variant)
11.15095

F-Prot
W32/Injector.HX.gen
v6.4.7.1.166

Kaspersky
HEUR:Trojan.Win32.Generic
14.0.0.-1317

Malwarebytes
Adware.Tuto4PC
v2017.03.16.10

Panda Antivirus
Trj/GdSda.A
17.03.16.10

Qihoo 360 Security
HEUR/QVM03.0.0000.Malware.Gen
1.0.0.1120

Sophos
Wizrem Bundler (PUA)
4.98

File size:
1.3 MB (1,336,320 bytes)

Product version:
6.7.7.4

Copyright:
Copyright © 7073

Original file name:
cece885sz.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\xe1q9u4fv.exe

File PE Metadata
Compilation timestamp:
3/15/2017 5:58:33 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
48.0

.NET CLR dependent:
Yes

Entry address:
0x106242

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.6944

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1 MB (1,065,984 bytes)

Remove xe1q9u4fv.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.