» gerador mini mundo.exe
Overview
Analysis
File Details
Downloads (4)

gerador mini mundo.exe

Software

The executable gerador mini mundo.exe has been detected as malware by 23 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from fs01n2.sendspace.com and multiple other hosts.

File name:

Publisher:

Software

Product:

Software

Version:

1.0.0.0

MD5:

79ea2a5b4232152bc3d8dd176f36278a

SHA-1:

7ee538b1dedca257329fae1c618788654e03ff61

SHA-256:

e745beee700de4fd7ba1ae40b1c3419bcc7dfccd6aa74441ec85fc2cc05bc5da

Scanner detections:

23 / 68

Status:

Malware

Analysis date:

11/15/2024 1:25:41 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.MSILPerseus.15328

297

AegisLab AV Signature

Troj.W32.Generic!c

2.1.4+

Avira AntiVirus

TR/Dropper.Gen

8.3.3.4

Arcabit

Trojan.MSILPerseus.D3BE0

1.0.0.666

avast!

Win32:Malware-gen

2014.9-160413

AVG

Atros3

2017.0.2775

Baidu Antivirus

Win32.Trojan.WisdomEyes.151026.9950

4.0.3.16413

Bitdefender

Gen:Variant.MSILPerseus.15328

1.0.20.520

Clam AntiVirus

Win.Trojan.Agent-1386632

0.98/21511

Emsisoft Anti-Malware

Gen:Variant.MSILPerseus.15328

8.16.04.13.01

ESET NOD32

MSIL/TrojanDropper.Agent.CHP

10.13252

Fortinet FortiGate

MSIL/Agent.CHP!tr

4/13/2016

F-Secure

Gen:Variant.MSILPerseus.15328

11.2016-13-04_4

G Data

Gen:Variant.MSILPerseus.15328

16.4.25

IKARUS anti.virus

Trojan-Dropper.MSIL.Agent

t3scan.2.0.9.0

K7 AntiVirus

Riskware

13.220.19152

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.370

Malwarebytes

Trojan.Injector.MSIL

v2016.04.13.01

MicroWorld eScan

Gen:Variant.MSILPerseus.15328

17.0.0.312

Qihoo 360 Security

Win32/Trojan.4cc

1.0.0.1120

Rising Antivirus

PE:Malware.RDM.04!5.A [F]

23.00.65.16411

Sophos

Troj/MSIL-EPJ

4.98

Vba32 AntiVirus

Trojan.MSIL.Zapchast

3.12.26.4

File size:

405.5 KB (415,282 bytes)

Product version:

1.0.0.0

Software

Trademarks:

Software

Original file name:

Software.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

File PE Metadata

Compilation timestamp:

2/23/2016 3:26:04 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

6144:n2c5/9mta6d2LtlyW0MLf6Zko1mUNh20lAB41oR19U6xUh0o80rTpE0KJ:nL54mTrf6qoxNh5+/3/WeGpDa

Entry address:

0x527E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

13 KB (13,312 bytes)

The file gerador mini mundo.exe has been seen being distributed by the following 4 URLs.

https://fs01n2.sendspace.com/dl/c1fe0f58c0aa680cfd38747e85a24145/5737a6b06163ba57/.../Gerador Mini Mundo.exe

temp:Gerador Mini Mundo.exe

https://fs01n2.sendspace.com/dl/756eae4706ceb4fcbe709140be70c8bd/57af5df57438cad0/.../Gerador Mini Mundo.exe

https://fs01n2.sendspace.com/dl/60783258ff790e229a65505a6fabdcde/574b36ae7d92c8af/.../Gerador Mini Mundo.exe

Remove gerador mini mundo.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.