zgtblbjyuki.exe

ProductName

Sierra Wireless, Inc.

The executable zgtblbjyuki.exe has been detected as malware by 30 anti-virus scanners.
Publisher:
CompanyName  (signed by Sierra Wireless, Inc.)

Product:
ProductName

Description:
FileDescription

Version:
1,0,0,0

MD5:
532debc771bf71017e07f097b4d74281

SHA-1:
57ba1fd4b8fe2abb37b30b72951daca6d29defb1

SHA-256:
3310f61470a3f1d00482cf0724ae31774b6e96abee98b65e1d22ca980c723cd5

Scanner detections:
30 / 68

Status:
Malware

Analysis date:
4/19/2025 11:51:29 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Jatif.485 | -22 |
| AegisLab AV Signature | Troj.Ransom.W32.Raas!c | 2.1.4+ |
| AhnLab V3 Security | Trojan/Win32.Sarento.C1407273 | 3.8.2.16 |
| Avira AntiVirus | TR/Sarento.711960.10 | 8.3.3.4 |
| Arcabit | Trojan.Jatif.485 | 1.0.0.792 |
| AVG | FileCryptor | 2018.0.2456 |
| Bitdefender | Gen:Variant.Jatif.485 | 1.0.20.285 |
| Dr.Web | Trojan.MulDrop6.14775 | 9.0.1.057 |
| Emsisoft Anti-Malware | Gen:Variant.Jatif.485 | 8.17.02.26.06 |
| ESET NOD32 | Win32/Filecoder.NFP (variant) | 11.14650 |
| Fortinet FortiGate | W32/Filecoder.EZ!tr | 2/26/2017 |
| F-Prot | W32/S-61b403f2 | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Jatif.485 | 11.2017-26-02_1 |
| G Data | Gen:Variant.Jatif.485 | 17.2.25 |
| IKARUS anti.virus | Ransom.Win32.Sarento | 0.1.3.4 |
| K7 AntiVirus | Trojan | 13.246.21874 |
| Kaspersky | Trojan-Ransom.Win32.Raas | 14.0.0.-1226 |
| Malwarebytes | Ransom.FileCryptor | v2017.02.26.06 |
| McAfee | Artemis!532DEBC771BF | 5600.6112 |
| Microsoft Security Essentials | Ransom:Win32/Sarento.C | 1.1.13303.0 |
| MicroWorld eScan | Gen:Variant.Jatif.485 | 18.0.0.171 |
| Panda Antivirus | Trj/Genetic.gen | 17.02.26.06 |
| Qihoo 360 Security | Trojan.Generic | 1.0.0.1120 |
| Rising Antivirus | Trojan.Generic-eriTAoaMBRN (cloud) | 23.00.65.17224 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_GEN.R00JC0DFQ16 | 7.2.57 |
| Trend Micro | TROJ_GEN.R00JC0DFQ16 | 10.465.26 |
| Vba32 AntiVirus | Hoax.Raas | 3.12.26.4 |
| VIPRE Antivirus | Trojan.Win32.Generic | 54674 |
| Zillya! Antivirus | Trojan.Filecoder.Win32.1748 | 2.0.0.3160 |

File size:
695.3 KB (711,960 bytes)

Product version:
1,0,0,0

Copyright:
LegalCopyright

Trademarks:
LegalTrademarks

Original file name:
OriginalFilename

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\zgtblbjyuki.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
11/19/2014 5:30:00 AM

Valid to:
11/19/2017 5:29:59 AM

Subject:
CN="Sierra Wireless, Inc.", O="Sierra Wireless, Inc.", L=Richmond, S=British Columbia, C=CA

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1246FE0A4C3B01FF688305DCA678EE57

File PE Metadata
OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x12A0

Entry point:
83, EC, 1C, C7, 04, 24, 02, 00, 00, 00, FF, 15, A4, 11, 4B, 00, E8, 4B, FD, FF, FF, 8D, 74, 26, 00, 8D, BC, 27, 00, 00, 00, 00, A1, BC, 11, 4B, 00, FF, E0, 89, F6, 8D, BC, 27, 00, 00, 00, 00, A1, B0, 11, 4B, 00, FF, E0, 90, 90, 90, 90, 90, 90, 90, 90, 90, A1, B8, C0, 4A, 00, 85, C0, 74, 41, 55, 89, E5, 83, EC, 18, C7, 04, 24, 00, D0, 4A, 00, E8, 75, 7E, 0A, 00, BA, 00, 00, 00, 00, 83, EC, 04, 85, C0, 74, 15, C7, 44, 24, 04, 0E, D0, 4A, 00, 89, 04, 24, E8, 51, 7E, 0A, 00, 83, EC, 08, 89, C2, 85, D2, 74, 09...
 
Entropy:
4.7583

Code size:
673 KB (689,152 bytes)
