gwxux

Salung International Corporation

The file gwxux has been detected as malware by 27 anti-virus scanners.
Publisher:
Salung International Corporation  (signed and verified)

MD5:
3c48ba47883f72e052cb47b59f050517

SHA-1:
31345fdedf763d5dc8451029d14b9b5ea6eca1f4

SHA-256:
25e4c2b4a2951b281c58e5aea224cf6aef34a93985d12ffebbed5dd7dea476e9

Scanner detections:
27 / 68

Status:
Malware

Analysis date:
12/29/2024 7:33:07 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.GenericKD.3353896
12

Avira AntiVirus
TR/Dropper.MSIL.culw
8.3.3.4

Arcabit
Trojan.Generic.D332D28
1.0.0.741

avast!
Win32:Malware-gen
2014.9-170123

AVG
Atros3
2018.0.2490

Baidu Antivirus
Win32.Trojan.WisdomEyes.151026.9950
4.0.3.17123

Bitdefender
Trojan.GenericKD.3353896
1.0.20.115

Comodo Security
TrojWare.MSIL.Kryptik.~GMH
25390

Emsisoft Anti-Malware
Trojan.GenericKD.3353896
8.17.01.23.07

ESET NOD32
MSIL/Kryptik.GMH (variant)
11.13755

Fortinet FortiGate
MSIL/Kryptik.GMH!tr
1/23/2017

F-Secure
Trojan.GenericKD.3353896
11.2017-23-01_2

G Data
Trojan.GenericKD.3353896
17.1.25

IKARUS anti.virus
Trojan.MSIL.Crypt
t3scan.2.1.6.0

K7 AntiVirus
Trojan
13.232.20141

Kaspersky
Trojan-Dropper.Win32.Dapato
14.0.0.-1056

Malwarebytes
Backdoor.Bot
v2017.01.23.07

McAfee
RDN/Generic.grp
5600.6146

Microsoft Security Essentials
Trojan:Win32/Dynamer!ac
1.1.12902.0

MicroWorld eScan
Trojan.GenericKD.3353896
18.0.0.69

nProtect
Trojan.GenericKD.3353896
16.07.05.01

Panda Antivirus
Trj/GdSda.A
17.01.23.07

Qihoo 360 Security
Win32/Trojan.Dropper.0ad
1.0.0.1120

Quick Heal
(Suspicious) - DNAScan
1.17.14.00

Sophos
Mal/Generic-S
4.98

Trend Micro
TROJ_GEN.R02KC0DG316
10.465.23

VIPRE Antivirus
Trojan.Win32.Generic
50618

File size:
877.5 KB (898,600 bytes)

Common path:
C:\users\{user}\appdata\roaming\gwxux

Digital Signature
Authority:
Salung International Corporation

Valid from:
6/25/2016 5:45:36 AM

Valid to:
6/26/2026 5:45:36 AM

Subject:
E=sales@salung.com, CN=www.salung.com, OU=Sales Department, O=Salung International Corporation, L=Columbus, S=Ohio, C=US

Issuer:
E=sales@salung.com, CN=www.salung.com, OU=Sales Department, O=Salung International Corporation, L=Columbus, S=Ohio, C=US

Serial number:
00866E0A24F3686932

File PE Metadata
Compilation timestamp:
6/28/2016 7:47:24 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

Entry address:
0x7E4CE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.7502

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
500 KB (512,000 bytes)

Remove gwxux - Powered by Reason Core Security