Reason Labs

_2.exe

Folder View

The executable _2.exe has been detected as malware named Trojan.Bagshu.

Product:
Folder View

Version:
7.00

MD5:
3df725a9ea157ae79ee77e20c9d09f18

SHA-1:
5786ce8174068bbd917915a7856905cf0c00a3e0

SHA-256:
e189ffe63cb839cdf4d2283380efe6ef06e4b1068c7fa9840b8b322bbc1b6272

Detection:
Trojan.Bagshu

Risk:
Medium

Analysis date:
10/21/2018 12:14:06 AM UTC

File size:
612 KB (626,688 bytes)

Product version:
7.00

Original file name:
IDvDFolderView 2012-09-09.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata

Compilation timestamp:
12/13/1996 1:33:09 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x9897B

Entry point:
90, 8D, 1B, 83, 3C, 24, FE, 77, FE, 8D, 64, 24, CC, 8A, C0, 38, FF, 60, 83, EC, DC, E8, F1, FE, FF, FF, 4B, 66, 4B, 75, FC, 48, 3C, 76, 46, FF, 73, 3C, B0, DB, 59, 46, 81, E9, FD, FF, FF, 7F, 0F, 83, E4, FF, FF, FF, 81, D9, E6, 13, 00, 00, 71, DC, F9, 80, CE, 27, FF, B4, 19, E4, 13, 00, 80, 83, C4, 04, 86, CC, 66, 81, 44, 24, FC, B0, BA, 75, C3, B6, 52, 01, D9, 68, 55, 01, 78, 07, E8, D5, FE, FF, FF, 89, 74, 24, 44, E8, A9, 00, 00, 00, 89, 44, 24, 34, 83, E8, 04, 0F, 82, 41, FD, FF, FF, 86, CE, 64, A1, 18...
 
Entropy:
5.6213

Characteristics:
0x271

Code size:
80 KB (81,920 bytes)
