K7 Detection Name

Riskware ( 005cde941 )

Affected OS

Windows

Prevalence

Low

AV Definition Version

14.4.56941

MD5

d4f4de2cfca1cb4a223cdc517b8f7757

SHA256

215e23181b53d28889e439ab918fee44e7d875aca6f06e43f1ce11ac9e6116b4

File Size

18,502,656 bytes

Packer Information

VMProtect

First Seen

09-06-2025

Last Seen

27-04-2026

Aliases

N/A

Behavior Details

Downloads the file:
/filestreamingservice/files/cbb80af8-2d61-4061-ba1b-310744c20bd3/pieceshash?cacheHostOrigin=msedge.f.dl.delivery.mp.microsoft.com
From the url: http://69.171.211.201/filestreamingservice/files/cbb80af8-2d61-4061-ba1b-310744c20bd3/pieceshash?cacheHostOrigin=msedge.f.dl.delivery.mp.microsoft.com

Downloads the file:
/filestreamingservice/files/cbb80af8-2d61-4061-ba1b-310744c20bd3?P1=1778866080&P2=404&P3=2&P4=ezrB20theSL%2bYAIXmSXbePH5yNBzmtP6CdU7h0OIw%2b0EoBxBz3P38XNsPPEsHGPApAk3aS6hANxTG7RlhAOpcA%3d%3d&cacheHostOrigin=msedge.b.tlu.dl.delivery.mp.microsoft.com
From the url: http://69.171.211.201/filestreamingservice/files/cbb80af8-2d61-4061-ba1b-310744c20bd3?P1=1778866080&P2=404&P3=2&P4=ezrB20theSL%2bYAIXmSXbePH5yNBzmtP6CdU7h0OIw%2b0EoBxBz3P38XNsPPEsHGPApAk3aS6hANxTG7RlhAOpcA%3d%3d&cacheHostOrigin=msedge.b.tlu.dl.delivery.mp.microsoft.com

Removal Instructions

1. Update K7 security to the latest version.
2. Restart the machine.