AQWorlds Member and acs generator v4.1.exe

AQWorlds Member and acs generator v4.1

The executable AQWorlds Member and acs generator v4.1.exe has been detected as malware by 8 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from download2063.mediafire.com and multiple other hosts.
Product:
AQWorlds Member and acs generator v4.1

Version:
1.0.0.0

MD5:
339198420b266afaa100d153136c6ed2

SHA-1:
eb6b0a29bc300fc343c7f2a146e86678235eb397

SHA-256:
c5f497a6cc15ee8656a0e5bc34f8409e0ac7ee2b2826ba7161fffa0a769c42d0

Scanner detections:
8 / 68

Status:
Malware

Analysis date:
12/26/2024 2:40:00 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Kazy.176476.10
7.11.131.238

avast!
Win32:Rootkit-gen [Rtk]
2014.9-140216

AVG
Pakes_c
2015.0.3561

Comodo Security
UnclassifiedMalware
17791

G Data
Win32.Trojan.Agent.B4H3LW
14.2.24

IKARUS anti.virus
Trojan.Kazy
t3scan.2.2.29

McAfee
Artemis!339198420B26
5600.7217

Norman
Suspicious_Gen5.ABIBV
11.20140216

File size:
759 KB (777,216 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2012

Original file name:
AQWorlds Member and acs generator v4.1.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\aqworlds member and acs generator v4.1.exe

File PE Metadata
Compilation timestamp:
6/14/2012 3:14:25 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:i/X/X/X/f9QvkgsDl8Cldpj43IpdeTdWfVJWxkLYf4qMzJZ+Cjh/AUIHd0hSzcUZ:i///NK2Dl8Cld8Ive4dJQkLYf4qUJcOE

Entry address:
0xBE10E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9497  (probably packed)

Code size:
752.5 KB (770,560 bytes)

The file AQWorlds Member and acs generator v4.1.exe has been seen being distributed by the following 3 URLs.

http://download2063.mediafire.com/vsetwqrd241g/.../AQWorlds Member and acs generator v4.1.exe

Remove AQWorlds Member and acs generator v4.1.exe - Powered by Reason Core Security