mchillipepper.exe

The executable mchillipepper.exe has been detected as malware by 15 anti-virus scanners. The file has been seen being downloaded from 5mp.eu.

Version: 1.7.0.0
MD5: c451594327f61b41b1d3307fc4eedebf
SHA-1: 5390da2617c2c534858f4a37568ca1f01bcfc43d
SHA-256: d1597563e172bd19d43dc13968a9f2ff5a288564764bcfabb54d9892bff1a147
Scanner detections: 15 / 68
Status: Malware
Analysis date: 12/25/2024 6:37:11 PM UTC

Scan engine         Detection                                Engine version
Agnitum Outpost     HackTool.CheatEngine                     7.1.1
Avira AntiVirus     SPR/CheatEngine.AB.413                   7.11.159.14
Baidu Antivirus     Hacktool.Win32.CheatEngine               4.0.3.14711
Bkav FE             W32.Clod6f9.Trojan                       1.3.0.4959
ESET NOD32          Win32/HackTool.CheatEngine.AB (variant)  8.10062
Fortinet FortiGate  Riskware/CheatEngine                     7/11/2014
F-Prot              W32/A-2c468524                           v6.4.7.1.166
IKARUS anti.virus   Virus.Win32.Trojan                       t3scan.1.6.1.0
K7 AntiVirus        Hacktool                                 13.180.12643
Malwarebytes        HackTool.GamesCheat.Gen                  v2014.07.11.09
McAfee              Generic PUP.z!eo                         5600.7072
Norman              Agent.MVMW                               11.20140711
Sophos              CheatEngine                              4.98
VIPRE Antivirus     Trojan.Win32.Delf.abt                    31082
ViRobot             Backdoor.Win32.A.Hupigon.658736          2011.4.7.4223

File size: 643.3 KB (658,736 bytes)
Product version: 1.2
File type: Executable application (Win32 EXE)
Language: Dutch (Netherlands)

File PE Metadata
Compilation timestamp: 6/19/1992 6:22:17 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 2.25

CTPH (ssdeep):
6144:5LrobWjDmRAs7pM3t6nH7nIIID77ZisssR88888888888888888888888888888a:xobWf8zqxxxxxxxx4ktn0hlw

Entry address:
0x96CA0

Entry point:
60, BE, 00, 50, 46, 00, 8D, BE, 00, C0, F9, FF, C7, 87, A8, 50, 07, 00, 95, 01, A9, 0C, 57, 83, CD, FF, EB, 0E, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46...

Entropy: 7.5763
Packer / compiler: UPX v0.89.6 - v1.02 / v1.05 -v1.22 (Delphi) stub
Code size: 200 KB (204,800 bytes)

The file mchillipepper.exe has been seen being distributed by the following URL.
