home

ManCam 4.1.0.12 OMG!Program.exe

Manycam 4.1.0.12 Full

OMG!Program Team

The executable ManCam 4.1.0.12 OMG!Program.exe, “www.omgprogram.blogspot.com” has been detected as malware by 8 anti-virus scanners. This is a setup program which is used to install the application. Accoriding to the detections, this has been classified as a kyelogger which is capable of recoring a user's keystrokes. The file has been seen being downloaded from download2080.mediafire.com and multiple other hosts.
Publisher:
OMG!Program Team

Product:
Manycam 4.1.0.12 Full

Description:
www.omgprogram.blogspot.com

Version:
1.0.0.0

MD5:
372591826d0e39d735ed72766e31c2cb

SHA-1:
40459d15f9dec4a452bcc3dba6a67797f8c6bded

SHA-256:
7cf6037f0178207fc4c5db0c0e371317a2c1b3be9613fd27109c7b9169bce1d5

Scanner detections:
8 / 68

Status:
Malware

Analysis date:
11/14/2024 8:41:35 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
TrojanSpy.KeyLogger
7.1.1

avast!
Win32:Malware-gen
2014.9-150607

ESET NOD32
MSIL/Bladabindi.BM (variant)
9.11677

Fortinet FortiGate
PossibleThreat.SB!tr
6/7/2015

Kaspersky
Trojan-Spy.MSIL.KeyLogger
14.0.0.1922

Microsoft Security Essentials
Backdoor:MSIL/Bladabindi.AJ
1.1.11701.0

NANO AntiVirus
Trojan.Win32.KeyLogger.dqvgjw
0.30.24.1636

VIPRE Antivirus
Trojan.Win32.Generic
40522

File size:
70.2 MB (73,590,330 bytes)

Product version:
1.0.0.0

Copyright:
2015 By Admin MeK Camfrog ID ****!!

Trademarks:
OMG!Program Team

Original file name:
ManCam 4.1.0.12 OMG!Program.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\programs\mancam 4.1.0.12 omg!program.exe

File PE Metadata
Compilation timestamp:
6/15/2012 2:11:00 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
1572864:HsJhyPIIK6RKgMg7M3S9vz8wLzkbMz4qRSwfjuO0cSG/KAi/wmx7RM1vwap6aVvX:HsJhyXVRKZ8fz9LzCMz4Twfj/SG/Kh7S

Entry address:
0x2CBBC

Entry point:
E8, 15, C6, 00, 00, E9, 78, FE, FF, FF, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 0C, 06, 45, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 0C, 06, 45, 00, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B...
 
[+]

Entropy:
7.9994  (probably packed)

Code size:
253.5 KB (259,584 bytes)

The file ManCam 4.1.0.12 OMG!Program.exe has been seen being distributed by the following 6 URLs.

http://download2080.mediafire.com/dbpf9b37b9kg/.../ManCam 4.1.0.12 OMG!Program.exe

http://download1610.mediafire.com/dee3qw1abc2g/.../ManCam 4.1.0.12 OMG!Program.exe

http://download1682.mediafire.com/561jh7kh146g/.../ManCam 4.1.0.12 OMG!Program.exe

http://download1614.mediafire.com/p1tq26bojlbg/.../ManCam 4.1.0.12 OMG!Program.exe

http://download15.mediafire.com/m03117xlq28g/.../ManCam 4.1.0.12 OMG!Program.exe

http://download2151.mediafire.com/du802dtgczug/.../ManCam 4.1.0.12 OMG!Program.exe

Remove ManCam 4.1.0.12 OMG!Program.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.