gerador mini mundo.exe

Software

The executable gerador mini mundo.exe has been detected as malware by 23 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from fs01n2.sendspace.com and multiple other hosts.
Publisher:
Software

Product:
Software

Version:
1.0.0.0

MD5:
79ea2a5b4232152bc3d8dd176f36278a

SHA-1:
7ee538b1dedca257329fae1c618788654e03ff61

SHA-256:
e745beee700de4fd7ba1ae40b1c3419bcc7dfccd6aa74441ec85fc2cc05bc5da

Scanner detections:
23 / 68

Status:
Malware

Analysis date:
12/26/2024 11:44:08 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.MSILPerseus.15328
297

AegisLab AV Signature
Troj.W32.Generic!c
2.1.4+

Avira AntiVirus
TR/Dropper.Gen
8.3.3.4

Arcabit
Trojan.MSILPerseus.D3BE0
1.0.0.666

avast!
Win32:Malware-gen
2014.9-160413

AVG
Atros3
2017.0.2775

Baidu Antivirus
Win32.Trojan.WisdomEyes.151026.9950
4.0.3.16413

Bitdefender
Gen:Variant.MSILPerseus.15328
1.0.20.520

Clam AntiVirus
Win.Trojan.Agent-1386632
0.98/21511

Emsisoft Anti-Malware
Gen:Variant.MSILPerseus.15328
8.16.04.13.01

ESET NOD32
MSIL/TrojanDropper.Agent.CHP
10.13252

Fortinet FortiGate
MSIL/Agent.CHP!tr
4/13/2016

F-Secure
Gen:Variant.MSILPerseus.15328
11.2016-13-04_4

G Data
Gen:Variant.MSILPerseus.15328
16.4.25

IKARUS anti.virus
Trojan-Dropper.MSIL.Agent
t3scan.2.0.9.0

K7 AntiVirus
Riskware
13.220.19152

Kaspersky
HEUR:Trojan.Win32.Generic
14.0.0.370

Malwarebytes
Trojan.Injector.MSIL
v2016.04.13.01

MicroWorld eScan
Gen:Variant.MSILPerseus.15328
17.0.0.312

Qihoo 360 Security
Win32/Trojan.4cc
1.0.0.1120

Rising Antivirus
PE:Malware.RDM.04!5.A [F]
23.00.65.16411

Sophos
Troj/MSIL-EPJ
4.98

Vba32 AntiVirus
Trojan.MSIL.Zapchast
3.12.26.4

File size:
405.5 KB (415,282 bytes)

Product version:
1.0.0.0

Copyright:
Software

Trademarks:
Software

Original file name:
Software.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

File PE Metadata
Compilation timestamp:
2/23/2016 3:26:04 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:n2c5/9mta6d2LtlyW0MLf6Zko1mUNh20lAB41oR19U6xUh0o80rTpE0KJ:nL54mTrf6qoxNh5+/3/WeGpDa

Entry address:
0x527E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
13 KB (13,312 bytes)

The file gerador mini mundo.exe has been seen being distributed by the following 4 URLs.

https://fs01n2.sendspace.com/dl/c1fe0f58c0aa680cfd38747e85a24145/5737a6b06163ba57/.../Gerador Mini Mundo.exe

temp:Gerador Mini Mundo.exe

https://fs01n2.sendspace.com/dl/756eae4706ceb4fcbe709140be70c8bd/57af5df57438cad0/.../Gerador Mini Mundo.exe

Remove gerador mini mundo.exe - Powered by Reason Core Security