Trojan.Ekstak.DM

By CagedTech in Trojans

Threat Scorecard

Popularity Rank:	22,911
Threat Level:	80 % (High)
Infected Computers:	174

First Seen:	March 18, 2022
Last Seen:	October 28, 2025
OS(es) Affected:	Windows

Table of Contents

Analysis Report

General information

Family Name:	Trojan.Ekstak.DM
Signature status:	No Signature

Known Samples

MD5: 6a7be8b3ad113b6b46326c6620c3f174

SHA1: 2ca5be5a5ae25e18ac3f598b5b731f1c58a56ecc

SHA256: 6219692CD8FAC8B4B115BC10F1E7A616B7A0CBA32C1B05B70426A87D5B1B31DA

File Size: 9.51 MB, 9507853 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have debug information
File doesn't have exports table
File doesn't have relocations information
File doesn't have security information
File is 32-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)
File is not packed

IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name	Value
File Description	Movie Label
File Version	14.0.5.2824
Internal Name	MoL2019
Original Filename	movielabel.exe
Product Name	Movie Label 2018
Product Version	14.0.5.1

File Traits

2+ executable sections
HighEntropy
VirtualQueryEx
x86

Block Information

Total Blocks:	4,288
Potentially Malicious Blocks:	1,472
Whitelisted Blocks:	927
Unknown Blocks:	1,889

Visual Map

x 0 ? ? ? ? 0 ? x ? 0 ? ? x ? x 0 0 x x 0 ? ? ? 0 0 0 ? 0 0 0 ? 0 ? x x x ? x ? ? ? 0 ? 0 0 ? ? x x ? x 0 0 x 0 x ? ? ? 0 0 0 0 0 0 0 0 0 x 0 0 x 0 ? ? ? 0 x 0 ? x 0 x 0 0 x ? x ? x 0 ? ? x x 0 0 ? 0 0 x ? 0 ? ? ? ? 0 0 0 x ? ? 0 0 ? 0 0 0 x 0 x 0 ? 0 0 ? 0 0 0 ? ? ? x ? x x ? ? x 0 ? x x ? 0 x ? ? 0 ? ? 0 0 0 x ? x ? x ? 0 0 0 0 0 ? 0 0 0 x ? x x 0 x 0 x 0 0 0 0 0 ? x ? ? x ? ? ? ? ? ? ? ? ? ? ? x ? ? ? ? 0 ? x ? 0 ? ? x ? x 0 0 x x 0 ? ? ? 0 0 0 ? 0 0 0 ? 0 ? x x x ? x ? ? ? 0 ? 0 0 ? ? x x ? x 0 0 x 0 x ? ? ? 0 0 0 0 0 0 0 0 0 x 0 0 x 0 ? ? ? 0 x 0 ? x 0 x 0 0 x ? x ? x 0 ? ? x x 0 0 ? 0 0 x ? 0 ? ? ? ? 0 0 0 x ? ? 0 0 ? 0 0 0 x 0 x 0 ? 0 0 ? 0 0 0 ? ? ? x ? x x ? ? x 0 ? x x ? 0 x ? ? 0 ? ? 0 0 0 x ? x ? x ? 0 0 0 0 0 ? 0 0 0 x ? x x 0 x 0 x 0 0 0 0 0 ? x ? ? x ? ? ? ? ? ? ? ? ? ? ? ? 0 ? x ? 0 ? ? x ? x 0 0 x x 0 ? ? ? 0 0 0 ? 0 0 0 ? 0 ? x x x ? x ? ? ? 0 ? 0 0 ? ? x x ? x 0 0 x 0 x ? ? ? 0 0 0 0 0 0 0 0 0 x 0 0 x 0 ? ? ? 0 x 0 ? x 0 x 0 0 x ? x ? x 0 ? ? x x 0 0 ? 0 0 x ? 0 ? ? ? ? 0 0 0 x ? ? 0 0 ? 0 0 0 x 0 x 0 ? 0 0 ? 0 0 0 ? ? ? x ? x x ? ? x 0 ? x x ? 0 x ? ? 0 ? ? 0 0 0 x ? x ? x ? 0 0 0 0 0 ? 0 0 0 x ? x x 0 x 0 x 0 0 0 0 0 ? x ? ? x ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? x ? ? ? 0 ? x ? 0 ? ? x ? x 0 0 x x 0 ? ? ? 0 0 0 ? 0 0 0 ? 0 ? x x x ? x ? ? ? 0 ? 0 0 ? ? x ? x 0 0 x 0 x ? ? ? 0 0 0 0 0 0 0 0 0 x 0 0 x x x 0 ? ? ? 0 x 0 ? x 0 x 0 0 x ? x ? x 0 ? ? x x 0 0 ? 0 0 x ? 0 ? ? ? 0 ? ? ? 0 0 ? 0 0 0 x 0 x 0 ? 0 0 0 0 ? 0 0 0 ? ? ? x ? x x ? ? x 0 ? x x ? 0 x ? ? 0 ? ? 0 0 0 x ? x ? x ? 0 0 0 0 0 ? 0 0 0 x ? x x 0 x 0 x 0 0 0 0 0 ? x ? ? x ? ? ? ? ? ? ? ? ? ? ? 0 0 0 0 0 x x ? ? ? ? ? 0 ? x ? 0 ? ? x ? x 0 0 x x 0 ? ? ? 0 0 0 ? 0 0 0 ? 0 ? x x x ? x ? ? ? 0 ? 0 0 ? ? x x ? x 0 0 x 0 x ? ? ? 0 0 0 0 0 0 0 0 0 x 0 0 x 0 ? ? ? 0 x 0 ? x 0 x 0 0 x ? x ? x 0 ? ? x x 0 0 ? 0 0 x ? 0 ? ? ? ? 0 0 0 x ? ? 0 0 ? 0 0 0 x 0 x 0 ? 0 0 ? 0 0 0 ? ? ? x ? x x ? ? x 0 ? x x ? 0 x ? ? 0 ? ? 0 0 0 x ? x ? x ? 0 0 0 0 0 ? 0 0 0 x ? x x 0 x 0 x 0 0 0 0 0 ? x ? ? x ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? x ? ? ? 0 ? x ? 0 ? ? x ? ? x 0 0 x x 0 ? ? ? 0 0 0 ? 0 0 0 ? 0 ? x x x ? x ? ? ? 0 ? 0 0 ? ? x ? x 0 0 x 0 x x ? ? ? 0 0 0 0 0 0 0 0 0 x 0 0 x 0 ? ? ? 0 x 0 ? x 0 x 0 0 x ? x ? x 0 ? ? x x 0 0 ? 0 0 x ? 0 ? ? ? ? ? ? ? x 0 0 ? 0 0 0 x 0 x 0 ? 0 0 ? 0 0 0 ? ? ? x ? x x ? ? ? ? x x x 0 x ? x 0 ? x x ? 0 x ? ? 0 ? ? 0 0 0 x ? x ? x ? 0 0 0 0 0 ? 0 0 0 x ? x x 0 x 0 x 0 0 0 0 0 ? x ? ? x ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 0 ? ? ? 0 ? x ? 0 ? ? x ? x 0 0 x x 0 ? ? ? 0 0 0 ? 0 0 0 ? 0 ? x x x ? x ? ? ? 0 ? 0 0 ? ? x ? x 0 0 x 0 x ? ? ? 0 0 0 0 0 0 0 0 0 x 0 0 x 0 ? ? ? 0 x 0 ? x 0 x 0 0 x ? x ? x 0 ? ? ? x x 0 0 ? 0 0 x ? 0 ? ? ? ? 0 0 0 0 0 x ? ? 0 0 ? 0 0 0 x 0 x 0 ? 0 0 ? 0 0 0 ? ? x ? x x ? ? x 0 ? x x ? 0 x ? ? 0 ? ? 0 0 0 x ? x ? x ? 0 0 0 0 0 ? 0 0 0 x ? x x 0 x 0 x 0 0 0 0 0 ? x ? ? x ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? x ? ? ? 0 ? x ? 0 ? ? x ? x 0 0 x x 0 ? ? ? 0 0 0 ? 0 0 0 ? 0 ? x x x ? x ? ? ? 0 ? 0 0 ? ? x ? x 0 0 x 0 x ? ? ? 0 0 0 0 0 0 0 0 0 x 0 0 x 0 ? ? ? 0 x 0 ? x 0 x 0 0 x ? x ? x 0 ? ? x x 0 0 ? 0 0 x ? 0 ? ? ? ? ? ? 0 0 ? 0 0 0 x 0 x 0 ? 0 0 ? 0 0 0 ? ? ? x ? x x ? ? x 0 ? x x ? 0 x ? ? 0 ? ? 0 0 0 x ? x ? x ? 0 0 0 0 0 ? 0 0 0 x ? x x 0 x 0 x 0 0 0 0 0 ? x ? ? x ? ? ? 0 0 0 0 0 0 0 ? x ? ? ? ? ? x x ? ? x ? ? ? ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? x ? ? 0 ? 0 ? ? ? ? ? ? x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x ? ? x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x 0 x x x 0 x x x x x x x x x x x 0 0 x 0 x x x x x x x x x x x x x x x 0 x x x x x x x ? x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x 0 x 0 x x x 0 0 x x x x x x x x x x x x 0 x 0 x x x 0 x x x x x x x x x x x x x x x x x x x x x x x 0 0 0 x x ? x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x 0 x x x x x x ? ? x ? ? 0 ? ? ? ? ? x ? ? ? ? ? ? x ? x ? ? x ? ? x x x x ? x x ? ? ? ? x x x x x 0 x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x 0 ? ? x x x 0 x x x x x x x x x x x x x x 0 x x x x x 0 x x x 0 x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x

... Data truncated

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Trojan.Ekstak.DM

Threat Scorecard

EnigmaSoft Threat Scorecard

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

Windows PE Version Information

Windows PE Version Information

File Traits

Block Information

Block Information

Visual Map

Submit Comment

Trending

Thewebtimes.net

PUP.KISS Keylogger

'866-291-9960' Pop-Ups

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

Discord Is Stuck on Gray Screen

Discord Shows Black Screen when Sharing Screen