intimacao-mpf.exe

The executable intimacao-mpf.exe has been detected as malware by 27 anti-virus scanners. It is a setup program used to install the application. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from sao01.objectstorage.softlayer.net.
MD5:
f7ed7b1e4fbf576c9c8fc5e54f6e8426

SHA-1:
b6af89faacf0e4917af036e4e04f7ed9518eff94

SHA-256:
fee0eeb3a89aecf2e37051fef9f6da24873b0894eae4f3be09ceacaedb05c172

Scanner detections:
27 / 68

Status:
Malware

Analysis date:
12/28/2024 10:37:06 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Trojan.Generic.15124076 | 353
Agnitum Outpost | Trojan.DL.Agent | 7.1.1
Avira AntiVirus | TR/VB.Agent.337920 | 8.3.2.4
Arcabit | Trojan.Generic.DE6C66C | 1.0.0.624
avast! | VBS:Banker-BT [Trj] | 2014.9-160217
AVG | VBS/Downloader.Agent | 2017.0.2831
Baidu Antivirus | Trojan.VBS.Agent | 4.0.3.16217
Bitdefender | Trojan.Generic.15124076 | 1.0.20.240
Comodo Security | UnclassifiedMalware | 23656
Emsisoft Anti-Malware | Trojan.Generic.15124076 | 8.16.02.17.10
ESET NOD32 | VBS/TrojanDownloader.Agent.NTW | 10.12625
Fortinet FortiGate | VBS/Agent.ASV!tr.dldr | 2/17/2016
F-Secure | Trojan.Generic.15124076 | 11.2016-17-02_4
G Data | Trojan.Generic.15124076 | 16.2.25
IKARUS anti.virus | Trojan-Downloader.VBS.Agent | t3scan.1.9.5.0
K7 AntiVirus | Trojan-Downloader | 13.212.17972
Kaspersky | Trojan-Downloader.VBS.Agent | 14.0.0.648
McAfee | RDN/Generic Downloader.x | 5600.6487
Microsoft Security Essentials | Trojan:Win32/Skeeyah.A!bit | 1.1.12300.0
MicroWorld eScan | Trojan.Generic.15124076 | 17.0.0.144
NANO AntiVirus | Trojan.Win32.Agent.dxpxbt | 0.30.26.4751
nProtect | Trojan.Generic.15124076 | 15.11.25.01
Panda Antivirus | Generic Suspicious | 16.02.17.10
Qihoo 360 Security | HEUR/QVM17.0.Malware.Gen | 1.0.0.1077
Sophos | Mal/Generic-S | 4.98
Trend Micro | TROJ_GEN.R00XC0EJC15 | 10.465.17
VIPRE Antivirus | Trojan.Win32.Generic | 45432

File size:
330 KB (337,920 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\intimacao-mpf.exe

File PE Metadata
Compilation timestamp:
2/4/2013 9:06:48 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
3072:fe9L17j8qwJLCGPUlS/nxu/hvVjOdqApsn4w4fZJhLR5SCXerYl93Bd07aUk3DeL:fKL17jEbgpwkCs4Ntper

Entry address:
0x1000

Entry point:
B8, 14, 95, 4B, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, F7, E1, 4B, D6, 8B, 6A, 82, F9, 36, DC, AC, 38, 36, 86, 15, 39, DE, BF, 8C, E6, DC, BD, D8, 5A, C6, ED, 35, 88, B8, E4, 2C, 03, BE, BD, 3B, 23, 24, B2, 5C, FF, 5B, 53, 88, DC, 13, 87, 42, 31, A9, A2, 65, FD, 9D, 5D, 7B, DD, 64, 92, 3B, 57, 85, 45, 83, 39, 5C, A1, A5, D5, 39, C8, F3, 66, E1, 9C, F9, 04, 2C, 6B, 2B, 10, 3D, 78, 38, 5D, 5A, 04, C6, C9, 04, 6A, 0A, 63, 07...
 

Packer / compiler:
PECompact v2

Code size:
154 KB (157,696 bytes)

The file intimacao-mpf.exe has been seen being distributed by the following URL.
