cex2dex.exe

The executable cex2dex.exe has been detected as malware by 9 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from download1584.mediafire.com and multiple other hosts.
MD5:
dcc152ee914c10dcc55d30321b583c7e

SHA-1:
ffbd8717093113b2dc07a6947ab11422c28f074c

SHA-256:
4aa7bb5486c695f9f38f17a21bbcfe0957d51e32f37ed432b7aa832daa6fd2ac

Scanner detections:
9 / 68

Status:
Malware

Analysis date:
12/26/2024 6:59:07 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| avast! | Win32:Vitro | 2014.9-140802 |
| Bkav FE | W32.HfsAutoB | 1.3.0.4959 |
| Comodo Security | UnclassifiedMalware | 18413 |
| McAfee | Artemis!DCC152EE914C | 5600.7051 |
| Norman | Suspicious_Gen4.AOTNP | 11.20140802 |
| Qihoo 360 Security | HEUR/Malware.QVM10.Gen | 1.0.0.1015 |
| Rising Antivirus | PE:Trojan.Win32.Generic.1358E91F!324593951 | 23.00.65.14731 |
| Trend Micro House Call | TROJ_GEN.R047H05E914 | 7.2.214 |
| VIPRE Antivirus | Trojan.Win32.Generic | 29878 |

File size:
5.4 MB (5,652,480 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\cex2dex.exe

File PE Metadata
Compilation timestamp:
7/16/2012 8:18:00 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:WOA+rr+16Sb/ZQye87kG6GS/sjD8h9xMEl9tNMmjGpX4B3TFC:NdX+lZQ678U/8h9xMEl9fMmmX4B3

Entry address:
0x725E

Entry point:
E8, 46, 06, 00, 00, E9, 63, FD, FF, FF, 75, 01, C3, 55, 8B, EC, 83, EC, 00, 50, 52, 53, 56, 57, 6A, 00, FF, 75, 04, E8, 7C, 09, 00, 00, 59, 59, 5F, 5E, 5B, 5A, 58, 8B, E5, 5D, C3, 8B, FF, 55, 8B, EC, 51, 51, 53, 56, 8B, F2, 33, DB, 8B, D1, 89, 55, F8, 89, 5D, FC, 39, 1E, 7E, 3F, 57, BF, CC, CC, CC, CC, 8B, 46, 04, 8B, 0C, 18, 39, 7C, 11, FC, 75, 0B, 8B, 44, 18, 04, 03, C1, 39, 3C, 10, 74, 14, 8B, 46, 04, FF, 74, 18, 08, FF, 75, 04, E8, 67, 09, 00, 00, 8B, 55, F8, 59, 59, FF, 45, FC, 8B, 45, FC, 83, C3, 0C...
 

Entropy:
7.9063  (probably packed)

Code size:
31 KB (31,744 bytes)

The file cex2dex.exe has been seen being distributed by the following 3 URLs.

http://download1584.mediafire.com/8rn3gp4tffgg/.../CEX2DEX.exe
