home

ztsdxaxtfy

Cobind

The file ztsdxaxtfy by Cobind has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Cobind  (signed and verified)

MD5:
f772188c76af3ad60c160ec410d61fbe

SHA-1:
e86d2e0419cdf017ea607e932608fe27e7f4519b

SHA-256:
70064ad50d203d0ae874a67de8f7eac59b82671ddde2acddac5a236e95c1d060

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 7:48:55 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Cobind.Kryptic (M)
16.10.4.11

File size:
170.4 KB (174,514 bytes)

Common path:
C:\users\{user}\appdata\local\temp\ztsdxaxtfy

Digital Signature
Signed by:
Cobind

Authority:
Cobind

Valid from:
8/5/2016 10:36:03 AM

Valid to:
8/3/2026 10:36:03 AM

Subject:
E=admin@cobind.com, CN=cobind.com, OU=Ques Unit, O=Cobind, L=New York City, S=New York, C=US

Issuer:
E=admin@cobind.com, CN=cobind.com, OU=Ques Unit, O=Cobind, L=New York City, S=New York, C=US

Serial number:
00ABF3127C9761E782

File PE Metadata
Compilation timestamp:
8/8/2016 5:27:34 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:FtywpV9hGVT59BkfaI47WvI9HuM9ACZocSQRB1ZP:FtP9nfadnfBf

Entry address:
0x151FE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
80 KB (81,920 bytes)

Remove ztsdxaxtfy - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.