Maintenance.exe

FMT

FuriouSTeaM

The executable Maintenance.exe (described as "http://www.furiousgold.com") has been detected as malware by 7 anti-virus scanners. This file is typically installed with the program "FuriousGold version with all the updates till 25/08/2016" by FuriouSTeaM. While running, it connects to the Internet address static.226.167.76.144.clients.your-server.de on port 80 using the HTTP protocol.
Publisher:
FuriouSTeaM

Product:
FMT

Description:
http://www.furiousgold.com

Version:
1.0.0.961

MD5:
13003a91f18f79afbb402b5c85fbf956

SHA-1:
2724878dd17edcdcb2f7c93e993f15fe615b8f7c

SHA-256:
d3543aa8dce2263f6729afa37508f80346e6b04806da7e8b5410b7bd0d2a0db1

Scanner detections:
7 / 68

Status:
Malware

Analysis date:
11/5/2024 1:49:52 PM UTC

Scan engine | Detection | Engine version
avast! | Win32:Evo-gen [Susp] | 150913-1
Baidu Antivirus | Hacktool.Win32.Packed.Themida | 4.0.3.15113
Bkav FE | HW32.Packed | 1.3.0.7237
Emsisoft Anti-Malware | Trojan.Generic.15502695 | 11.5.0.6191
ESET NOD32 | Win32/Packed.Themida suspicious application | 7.0.302.0
Fortinet FortiGate | PossibleThreat | 11/3/2015
Qihoo 360 Security | Win32/Trojan.97a | 1.0.0.1015

File size:
3.4 MB (3,559,936 bytes)

Product version:
1.0.0.961

Copyright:
(c)2005-2015, FuriouSTeaM

Trademarks:
(c)2005-2015, FuriouSTeaM

Original file name:
Maintenance.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:QK1g0m3g5G95pLJqzmEiUIbREFNaGC4vB:OV3195ZUiq

Entry address:
0x79B000

Entry point:
EB, 08, 0F, 30, 36, 00, 00, 00, 00, 00, E9, 00, 20, 00, 00, 54, 41, 47, 47, 00, 20, 00, 00, C2, 1B, 00, 00, 01, 00, 30, 82, 1B, BE, 06, 09, 2A, 86, 48, 86, F7, 0D, 01, 07, 02, A0, 82, 1B, AF, 30, 82, 1B, AB, 02, 01, 01, 31, 09, 30, 07, 06, 05, 2B, 0E, 03, 02, 1A, 30, 82, 0F, 21, 06, 09, 2A, 86, 48, 86, F7, 0D, 01, 07, 01, A0, 82, 0F, 12, 04, 82, 0F, 0E, D0, 00, 01, 00, 01, C1, B1, A1, 02, 00, 03, 00, 08, 00, 00, 00, 26, 00, 00, 00, 01, 00, 36, 20, B6, 62, 64, 7D, 9B, 26, 9D, 0D, F0, 8F, 9D, 4B, D7, 90, C7...
 

Code size:
2.1 MB (2,216,960 bytes)

The file Maintenance.exe has been discovered within the following program.

www.furiousgold.com
About 3% of users remove it
 

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to static.226.167.76.144.clients.your-server.de (144.76.167.226:80)
