bluemsxv231full.exe

The executable bluemsxv231full.exe has been detected as malware by 5 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.vik.cc.
MD5: 96b5553674b51b225f5168d2be963810

SHA-1: ddfc049c946708b949fc877064227c2419d58321

SHA-256: df289ae05f11af620ad65cf8a0e3d40d0c58b1602fdaeaacb8795b4a6f20564a

Scanner detections: 5 / 68

Status: Malware

Analysis date: 1/13/2025 10:51:47 AM UTC

Scan engine         Detection                            Engine version
Kaspersky           Trojan-Dropper.Win32.Dorifel         14.0.0.938
McAfee              Artemis!96B5553674B5                 5600.6545
Quick Heal          TrojanDropper.Dorifel.g8             12.15.14.00
Rising Antivirus    PE:Malware.Generic/QRS!1.9E2D [F]    23.00.65.151219
Zillya! Antivirus   Dropper.Dorifel.Win32.16480          2.0.0.2484

File size: 8.4 MB (8,830,685 bytes)

File type: Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp: 6/19/1992 6:22:17 PM

OS version: 1.0

OS bitness: Win32

Subsystem: Windows GUI

Linker version: 2.25

CTPH (ssdeep): 196608:Ne8G1ZkXZt0XoBpow6QS88gAKVJXGM94GnS2m:Ne6omwSYbGnjm

Entry address: 0x6CB0

Entry point:
55, 8B, EC, 81, C4, EC, FE, FF, FF, 33, C0, 89, 85, F0, FE, FF, FF, 89, 85, EC, FE, FF, FF, B8, 48, 6C, 40, 00, E8, B7, B3, FF, FF, 33, C0, 55, 68, 24, 6E, 40, 00, 64, FF, 30, 64, 89, 20, E8, 98, B4, FF, FF, 33, D2, 52, 50, 8D, 85, F4, FE, FF, FF, E8, 99, AF, FF, FF, 8D, 95, F4, FE, FF, FF, B8, E8, 88, 40, 00, E8, 69, AB, FF, FF, A1, E8, 88, 40, 00, E8, 47, AD, FF, FF, 50, 68, 30, 6E, 40, 00, E8, 8C, B4, FF, FF, E8, 4B, B6, FF, FF, 68, 05, 01, 00, 00, 68, E0, 87, 40, 00, 6A, 00, E8, 3E, B4, FF, FF, 8B, C8...
 

Entropy: 7.9989

Developed / compiled with: Microsoft Visual C++

Code size: 24 KB (24,576 bytes)

The file bluemsxv231full.exe has been seen being distributed by the following URL.

Remove bluemsxv231full.exe - Powered by Reason Core Security