Threat Database Trojans Trojan.MSIL.Bobik.D

Trojan.MSIL.Bobik.D

By CagedTech in Trojans

Threat Scorecard

Popularity Rank: 3,903
Threat Level: 80 % (High)
Infected Computers: 609
First Seen: October 12, 2021
Last Seen: December 16, 2025
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Trojan.MSIL.Bobik.D
Signature status: No Signature

Known Samples

MD5: 36afaf9bf38895990531e7b90d2e1e24
SHA1: 021dc7a46bc70b1c176a8a25f7358933791b8517
File Size: 288.77 KB, 288768 bytes
MD5: 9f0d00b6e6f0caae6bb89154aeff9b7a
SHA1: e0f653127f0195d7fb871328acf419da11684f43
SHA256: 85894FC5F705B09D6B678C1E1D8E185E16B9706699656E8A97B6C55CD831267D
File Size: 285.88 KB, 285879 bytes
MD5: 7ba72ea3c60716514b7758dcc744a7fa
SHA1: 0348aeb43f51ec269f4c9cc60956712d82b143e0
SHA256: A3ACBCCFCA160C30E35FB6CA3C16F4636D7FBF53E1E7315E5C78662FA687A343
File Size: 660.32 KB, 660324 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have security information
  • File is .NET application
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
Show More
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name Value
Assembly Version
  • 5.8.1.0
  • 5.7.7.0
  • 5.7.4.0
Comments Macro Recorder
Company Name Jitbit Macro Recorder
File Description MacroRecorder
File Version
  • 5.8.1.0
  • 5.7.7.0
  • 5.7.4.0
Internal Name ExeTemplate.exe
Legal Copyright
  • Copyright © Jitbit 2010-2014
  • Copyright © Jitbit 2010-2021
Original Filename ExeTemplate.exe
Product Name MacroRecorder
Product Version
  • 5.8.1.0
  • 5.7.7.0
  • 5.7.4.0

File Traits

  • .NET
  • big overlay
  • x86

Block Information

Total Blocks: 299
Potentially Malicious Blocks: 200
Whitelisted Blocks: 88
Unknown Blocks: 11

Visual Map

x 0 x x ? x x x x x 0 x x x 0 x 0 x 0 0 x x 0 0 x x x 0 x x 0 x x x x x x 0 x x x 0 x x x x x x x x x x x x ? x x x x 0 x x x x x x 0 x x 0 0 x 0 0 x x x x x x 0 0 x x x 0 0 x x 0 x x x 0 x x x 0 x x 0 x ? ? x x x 0 x x x 0 x x x x 0 0 x 0 x 0 x 0 x x x 0 x x 0 x 0 x x x x x x 0 x x 0 0 x x 0 x x x x x ? x x x x 0 x x x 0 x 0 0 0 ? 0 x x x x x x x x ? x 0 x 0 x x x x x 0 x 0 0 ? x 0 0 0 0 0 0 0 0 x 0 x x 0 x x 0 x x 0 x x 0 0 0 0 x x x 0 x ? ? 0 x x ? x 0 0 x x x 0 x x x 0 0 0 0 x x x x x 0 0 x x 0 x x x x x 0 0 x x x x x x x 0 x x 0 x x x x x x x x x x 0 x x 0 x x x x x x x 0 x x 0 x x x 0
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • MSIL.Bobik.D

Windows API Usage

Category API
User Data Access
  • GetUserDefaultLocaleName
  • GetUserObjectInformation
Anti Debug
  • IsDebuggerPresent
  • NtQuerySystemInformation

Trending

Most Viewed

Loading...