yhgtvw.exe

The executable yhgtvw.exe has been detected as malware by 35 anti-virus scanners.
MD5: 8adbac6c8cbeddda271d07177fc5f723
SHA-1: 8e7a5d5e39ce4b9b9bf3e1cfee7c6a366a328cac
SHA-256: b09d2a1ce207acde909633332f3d5ced83c7ae1893cbe6c7ee7ab56693930d05

Scanner detections: 35 / 68
Status: Malware
Analysis date: 11/29/2024 4:42:05 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Kazy.4625 | -40
Agnitum Outpost | Trojan.Agent | 7.1.1
AhnLab V3 Security | Backdoor/Win32.Agent | 2014.07.16
Avira AntiVirus | TR/Crypt.XPACK.Gen2 | 7.11.160.254
avast! | Win32:Trojan-gen | 2014.9-170316
AVG | Win32/Heri | 2018.0.2438
Bitdefender | Gen:Variant.Kazy.4625 | 1.0.20.375
Clam AntiVirus | Win.Trojan.Agent-255784 | 0.98/21411
Comodo Security | TrojWare.Win32.Trojan.Agent.~MCB | 18866
Dr.Web | Trojan.DownLoader1.23087 | 9.0.1.075
Emsisoft Anti-Malware | Gen:Variant.Kazy.4625 | 8.17.03.16.10
ESET NOD32 | Win32/Kryptik.IKC (variant) | 11.10103
Fortinet FortiGate | W32/FakeAV!tr | 3/16/2017
F-Prot | W32/MalwareF.UHBO | v6.4.7.1.166
F-Secure | Gen:Variant.Kazy.4625 | 11.2017-16-03_5
G Data | Gen:Variant.Kazy.4625 | 17.3.24
IKARUS anti.virus | Trojan.Win32.Agent | t3scan.1.6.1.0
K7 AntiVirus | Trojan | 13.180.12733
Kaspersky | Trojan.Win32.Agent | 14.0.0.-1317
Malwarebytes | Trojan.Ertfor | v2017.03.16.10
McAfee | PWS-Zbot.gen.ia | 5600.6094
Microsoft Security Essentials | Trojan:Win32/Ertfor.B | 1.10802
MicroWorld eScan | Gen:Variant.Kazy.4625 | 18.0.0.225
NANO AntiVirus | Trojan.Win32.Agent.bvmbn | 0.28.2.60881
Norman | Suspicious_Gen2.FFJHV | 11.20170316
Panda Antivirus | Trj/Mystic.a | 17.03.16.10
Qihoo 360 Security | Win32/Trojan.2ff | 1.0.0.1015
Quick Heal | Trojan.Agent.gjqq | 3.17.14.00
Sophos | Mal/FakeAV-GQ | 4.98
Total Defense | Win32/Ertfor.ES | 37.0.11061
Trend Micro House Call | TROJ_AGENT.ARIV | 7.2.75
Trend Micro | TROJ_AGENT.ARIV | 10.465.16
Vba32 AntiVirus | BScope.TrojanDropper.Agent | 3.12.26.3
VIPRE Antivirus | Trojan.Win32.Kryptik.klw | 31316
Zillya! Antivirus | Trojan.Agent.Win32.281480 | 2.0.0.1859

File size: 29.3 KB (30,000 bytes)
File type: Executable application (Win32 EXE)
Common path: C:\windows\temp\yhgtvw.exe

File PE Metadata
Compilation timestamp: 8/2/2006 10:11:32 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 8.0
Entry address: 0x17F8

Entry point:
55, 8B, EC, 81, C4, 44, FF, FF, FF, B9, B9, 36, D6, 02, 8B, 05, C4, 61, 40, 00, 89, 45, 98, 81, F9, 0B, 80, 91, EE, 74, 06, 89, 8D, 68, FF, FF, FF, 53, BB, 74, 7D, 13, 4E, BA, A0, 63, 98, 4E, 89, 95, 68, FF, FF, FF, 89, 95, 68, FF, FF, FF, 89, 9D, 6C, FF, FF, FF, 56, 8B, 9D, 6C, FF, FF, FF, B9, B6, DE, DA, CE, 89, 8D, 6C, FF, FF, FF, 21, DB, 0F, 85, F9, 00, 00, 00, 8D, 91, C6, 32, F0, E2, 09, D2, 0F, 84, EB, 00, 00, 00, 81, FA, 32, B0, E4, 22, 0F, 84, DF, 00, 00, 00, 33, F6, 83, FA, 55, 74, 0B, 81, FA, 31...
 

Entropy: 4.3568
Developed / compiled with: Microsoft Visual C++
