File Search: 

ThreatExpert's awareness of the file "5.exe":

Across all ThreatExpert reports, the file "5.exe" was mostly identified as a threat.
File "5.exe" has the following statistics:
Total number of reports analysed611,932
Number of cases that involved the file "5.exe"354
Number of incidents when this file was found to be a threat276
Statistical volume of cases when "5.exe" was a threat78%
Please enable javascript to display the chart.
Notes:
  • Please note that the name of the file should NOT be used to define if it is legitimate or not. Such determination can only be made by observing its dynamic behaviour.
  • In order to check a file, please submit it to ThreatExpert.
  • For a comprehensive pro-active protection against threats, please consider ThreatFire - our behavioral antivirus solution.
The file "5.exe" is known to be created under the following filenames:
%AllUsersProfile%\cncdown.exe
%AppData%\1.exe
%AppData%\5.exe
%AppData%\blaah.exe
%AppData%\bootrest.exe
%AppData%\calc.exe
%AppData%\codecsetup.exe
%AppData%\codecsetup3788.exe
%AppData%\codecsetup4127.exe
%AppData%\codecsetup6400.exe
%AppData%\codecsetup8536.exe
%AppData%\cp_setup_assist.exe
%AppData%\cuda.exe
%AppData%\dealassistant\dauninstall.exe
%AppData%\digifast\dfuninstall.exe
%AppData%\hose.exe
%AppData%\ijango_toolbar_installer.exe
%AppData%\ldr.exe
%AppData%\microsoft\dtsc\t.exe
%AppData%\microsoft\office71\vhchk.exe
%AppData%\microsoft\svchost.exe
%AppData%\microsoft\windows\ernsjyi.exe
%AppData%\microsoft\windows\jjcmdrj.exe
%AppData%\microsoft\windows\nheste.exe
%AppData%\microsoft\windows\nxmwp.exe
%AppData%\microsoft\windows\rwmgh.exe
%AppData%\microsoft\windows\security\user0.exe
%AppData%\microsoft\windows\tbljxjk.exe
%AppData%\microsoft\windows\vohth.exe
%AppData%\microsoft\windows\vvpmyvaw.exe
%AppData%\mxplay\temp\mxplay_installer.exe
%AppData%\ntcom.dll
%AppData%\nthead.dll
%AppData%\pak-5593.exe
%AppData%\pak-5594.exe
%AppData%\pak-5595.exe
%AppData%\pak-5596.exe
%AppData%\pak-5597.exe
%AppData%\pak-5598.exe
%AppData%\pak-5599.exe
%AppData%\pak-5600.exe
%AppData%\pak-5601.exe
%AppData%\pak-5602.exe
%AppData%\pak-5603.exe
%AppData%\salehoo\auctionalert\_tmp\aa.exe
%AppData%\salehoo\salehooalert\_tmp\aa.exe
%AppData%\scvhost.exe
%AppData%\silverlight\silverlight.exe
%AppData%\skynet\muonline\_cw0srv.exe
%AppData%\skynet\muonline\234672.exe
%AppData%\skynet\muonline\239874.exe
%AppData%\skynet\muonline\293874.exe
%AppData%\skynet\muonline\345674.exe
%AppData%\skynet\muonline\345676.exe
%AppData%\skynet\muonline\435627.exe
%AppData%\skynet\muonline\543978.exe
%AppData%\skynet\muonline\546783.exe
%AppData%\speedrunner\sruninstall.exe
%AppData%\temp.dll
%AppData%\truesword4.exe
%AppData%\wefisetup.exe
%AppData%\winbutler\winbuninstaller.exe
%AppData%\winbutler\winbutler.exe
%AppData%\windows.exe
%AppData%\wintouch\wintouch.exe
%AppData%\wintouch\wtuninstaller.exe
%AppData%\wrar380d.exe
%AppData%\yeah\yeah374809.exe
%CommonAppData%\38001914.exe
%CommonAppData%\3810eef8.exe
%CommonAppData%\381751d0.exe
%CommonAppData%\388f0900.exe
%CommonAppData%\38d3ff69.exe
%CommonAppData%\aol downloads\aoltoolbar\setuptoolbar.exe
%CommonAppData%\av1\av1.exe
%CommonAppData%\av1\av1i.exe
%CommonAppData%\av1\av1i2.exe
%CommonAppData%\av1\av1two.exe
%CommonAppData%\av1\qwprotect.dll
%CommonAppData%\av1\svchost.exe
%CommonAppData%\av2010\av2010.exe
%CommonAppData%\av2010\iedefender.dll
%CommonAppData%\av2010\svchost.exe
%CommonAppData%\dyned\eng_loc.exe
%CommonAppData%\e4a12b7\extraav.exe
%CommonAppData%\e4a12b7\ua2009.exe
%CommonAppData%\e4a12b7\valarm.exe
%CommonAppData%\e4a12b7\vmelt.exe
%CommonAppData%\e4a12b7\vsweep.exe
%CommonAppData%\fetion\fetionupdate.exe
%CommonAppData%\gav\sgav.exe
%CommonAppData%\n1\n1.exe
%CommonAppData%\n1\n1i.exe
%CommonAppData%\n1\n1two.exe
%CommonAppData%\n1\qwprotect.dll
%CommonAppData%\n1\svchost.exe
%CommonAppData%\nexon\ngm\ngmdll.dll
%CommonAppData%\qw2010\qw2010.exe
%CommonAppData%\qw2010\qw2010i.exe
%CommonAppData%\qw2010\qw2010i2.exe
Notes:
  • %AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
  • %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
  • %CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.

The file "5.exe" has the following possible countries of origin:
OriginNumber of Incidents
Russian Federation13
France4
China3
Netherlands2
United Kingdom2
Australia1
Belgium1
Germany1
Israel1
Portugal1
Sweden1

The following threats are known to be associated with the file "5.exe":
Threat AliasNumber of Incidents
Mal/EncPk-EU [Sophos]1,311
Trojan.Fakeavalert [Symantec]965
Generic.dx [McAfee]940
Trojan.Fakeavalert!sd6 [PC Tools]824
Trojan-Downloader.Exchanger.Gen.2 [Ikarus]824
Trojan:Win32/Tibs.ID [Microsoft]820
Backdoor.Win32.Frauder.fc [Kaspersky Lab]779
Backdoor.Frauder!sd6 [PC Tools]764
Trojan:Win32/Tibs.IH [Microsoft]545
Backdoor.Win32.Frauder.lr [Kaspersky Lab]360
Trojan.Win32.Tibs [Ikarus]341
Trojan:Win32/Tibs.IF [Microsoft]323
Generic BackDoor [McAfee]322
Troj/FakeVir-GJ [Sophos]300
Packed.Generic.186 [Symantec]277
Downloader [Symantec]276
Tibs-Packed [McAfee]270
Backdoor.Win32.Frauder.fb [Kaspersky Lab]245
Trojan.Zlob [Symantec]226
Backdoor.Win32.Frauder.kh [Kaspersky Lab]224
Troj/Bdoor-AOK [Sophos]224
Generic Downloader.x [McAfee]220
Backdoor.Win32.Frauder.fb [Ikarus]209
Backdoor.Win32.Frauder.jt [Kaspersky Lab]208
not-a-virus:FraudTool.Win32.MSAntivirus.r [Kaspersky Lab]190
Mal/Generic-A [Sophos]137
Backdoor.Win32.Frauder.jt [Ikarus]112
Mal/EncPk-CZ [Sophos]112
Trojan-Downloader.Win32.Hoaxer.a [Kaspersky Lab]98
Backdoor.Win32.Frauder.kh [Ikarus]96
AdWare.Antivirus.nnk [Ikarus]91
Trojan-Downloader.Win32.Agent.amfa [Kaspersky Lab]91
TrojanDownloader:Win32/Renos.DU [Microsoft]82
Trojan:Win32/Tibs.IG [Microsoft]63
Trojan-Downloader.Win32.Agent.aigp [Kaspersky Lab]63
Generic PUP.x [McAfee]50
Trojan-Downloader.Win32.Agent.anyj [Kaspersky Lab]49
Virus.Win32.AdWare [Ikarus]49
not-a-virus:FraudTool.Win32.MSAntivirus.ak [Kaspersky Lab]46
not-a-virus:FraudTool.Win32.UltimateAntivirus.cq [Kaspersky Lab]46
Trojan-Downloader.Hoaxer!sd6 [PC Tools]35
Backdoor.Win32.Frauder [Ikarus]32
Generic.Win32.Malware.Antivirus2008 [Ikarus]30
not-a-virus:FraudTool.Win32.SpywarePreventer.y [Kaspersky Lab]19
not-a-virus:FraudTool.Win32.UltimateAntivirus.cp [Kaspersky Lab]19
Win-Trojan/Xema.variant [AhnLab]16
Downloader.MisleadApp [Symantec]15
Trojan Horse [Symantec]15
Virus.Win32.FakeAlert.S [Ikarus]12
Backdoor.Win32.Frauder.oe [Kaspersky Lab]10
Trojan-Downloader.MisleadApp!sd6 [PC Tools]10
Mal/Packer [Sophos]7
not-a-virus.Keygen.Nero [Ikarus]6
FakeAlert-AB [McAfee]5
Trojan.Zlob [Ikarus]5
SecurityRisk.Downldr [Symantec]4
Trojan-Downloader.Win32.Agent.aoyg [Kaspersky Lab]4
Trojan-Downloader.Win32.Delf.TU [Ikarus]4
OScope.Dialer.GMHA [Ikarus]3
PSWTool.IEPassView!sd5 [PC Tools]3
Suspicious.MH690 [Symantec]3
Trojan.Generic [Ikarus]3
Trojan-Dropper.Delf [Ikarus]3
Worm.Win32.AutoRun.enw [Kaspersky Lab]3
Backdoor.Pigeon [Ikarus]2
Backdoor.Win32.PoeBot.C [Ikarus]2
Hacktool [Symantec]2
Infostealer.Bancos [Symantec]2
Infostealer.Wowcraft [Symantec]2
Mal/TinyDL-T [Sophos]2
not-a-Virus.Hacktool.Keygen.Norton2008 [Ikarus]2
not-a-virus.Keygen.AvastPro [Ikarus]2
not-a-virus:AdWare.Win32.BHO.kuw [Kaspersky Lab]2
not-a-virus:FraudTool.Win32.UltimateAntivirus.an [Kaspersky Lab]2
not-a-virus:PSWTool.Win32.IEPassView.a [Kaspersky Lab]2
PWS-Banker [McAfee]2
PWS-Gamania.gen.a [McAfee]2
Troj/AdbPat-A [Sophos]2
Trojan.Cinmeng [Symantec]2
Trojan.Crypt [Ikarus]2
Trojan.Dropper [Symantec]2
Trojan:Win32/Cinmus.N [Microsoft]2
Trojan-Downloader.generic!ct [PC Tools]2
W32.Dotex.CA [Symantec]2
W32/Autorun.worm.gen [McAfee]2
Win32.SuspectCrc [Ikarus]2
Win-Trojan/Agent.20480.KQ [AhnLab]2
Win-Trojan/Cinmus.79598 [AhnLab]2
Worm.AutoRun!sd6 [PC Tools]2
Worm:Win32/Mocmex.gen!A [Microsoft]2
WORM_AUTORUN.AJX [Trend Micro]2
Adware.IE_Driver [PC Tools]1
Adware.IEDriver [Symantec]1
Adware:Win32/Verticity.A [Microsoft]1
Adware-IEDriver [McAfee]1
Backdoor.Ciadoor [Symantec]1
Backdoor.Hupigon!sd5 [PC Tools]1
Backdoor.Rbot [Ikarus]1
Backdoor.ServU!ct [PC Tools]1
Backdoor.Win32.Delf.nld [Kaspersky Lab]1