mendes dll injector v1.1.exe

www.mendesfiles.blogspot.com

The application mendes dll injector v1.1.exe has been detected as a potentially unwanted program by 20 anti-malware scanners. The file has been seen being downloaded from dc223.4shared.com and multiple other hosts.
Publisher:
www.mendesfiles.blogspot.com

Product:
www.mendesfiles.blogspot.com

Version:
1.1.0.0

MD5:
7f0ed174dbf5456a17323cce1a7a16b7

SHA-1:
dea2ff9503f112039b9058632a9b7f1c605afab7

SHA-256:
c7bddc261a8e9a0b49ac110f26106c79554d1a91adc04f2014c2629442d6d6b2

Scanner detections:
20 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 1:19:43 PM UTC

Scan engine              Detection                    Engine version
Lavasoft Ad-Aware        Trojan.Generic.11118710      1020
Agnitum Outpost          Riskware.Inject              7.1.1
AVG                      Skodna.GameHack              2015.0.3498
Bitdefender              Trojan.Generic.11118710      1.0.20.555
Bkav FE                  W32.Clod117.Trojan           1.3.0.4959
Comodo Security          UnclassifiedMalware          18132
Emsisoft Anti-Malware    Trojan.Win32.Inject          8.14.04.21.10
ESET NOD32               Win32/HackTool.Inject.AD     8.9700
Fortinet FortiGate       Malware_fam.NB               4/21/2014
F-Secure                 Trojan.Generic.11118710      11.2014-21-04_2
G Data                   Trojan.Generic.11118710      14.4.24
IKARUS anti.virus        Trojan-Downloader.Banload    t3scan.1.6.1.0
K7 AntiVirus             Trojan                       13.176.11806
McAfee                   RDN/Generic.dx!cgm           5600.7154
MicroWorld eScan         Trojan.Generic.11118710      15.0.0.333
nProtect                 Trojan.Generic.11118710      14.04.18.01
Sophos                   Mal/Generic-S                4.98
Trend Micro House Call   TROJ_GEN.R0CCH06B614         7.2.111
VIPRE Antivirus          Trojan.Win32.Generic         28404
ViRobot                  JS.A.Iframe.722944           2011.4.7.4223

File size:
706 KB (722,944 bytes)

Product version:
1.0.0.0

Copyright:
www.mendesfiles.blogspot.com

Trademarks:
www.mendesfiles.blogspot.com

Original file name:
www.mendesfiles.blogspot.com

File type:
Executable application (Win32 EXE)

Language:
Portuguese (Brazil)

Common path:
C:\users\{user}\downloads\mendes dll injector v1.1.exe

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:jaZ2FuwzpGAQLdj8trEwG6y8ZVwIi0dvKF1/zRUVtROnXTZOXLpS7o+8:jaUAeGAQhQsIf8F1eVtRwXTZcI798

Entry address:
0x7DD14

Entry point:
55, 8B, EC, 83, C4, F0, 53, B8, B4, DA, 47, 00, E8, BB, 83, F8, FF, 8B, 1D, 2C, 2B, 48, 00, 8B, 03, E8, B2, 56, FE, FF, 8B, 03, BA, A0, DD, 47, 00, E8, 9E, 52, FE, FF, 8B, 0D, 48, 2C, 48, 00, 8B, 03, 8B, 15, A0, D6, 47, 00, E8, AB, 56, FE, FF, 8B, 0D, 84, 2C, 48, 00, 8B, 03, 8B, 15, 78, 8C, 47, 00, E8, 98, 56, FE, FF, 8B, 0D, E0, 2A, 48, 00, 8B, 03, 8B, 15, 84, B2, 47, 00, E8, 85, 56, FE, FF, 8B, 0D, 98, 29, 48, 00, 8B, 03, 8B, 15, 98, AC, 47, 00, E8, 72, 56, FE, FF, 8B, 03, E8, EB, 56, FE, FF, 5B, E8, C1...

Entropy:
6.8228

Developed / compiled with:
Microsoft Visual C++

Code size:
499.5 KB (511,488 bytes)

The file mendes dll injector v1.1.exe has been seen being distributed by the following 2 URLs.

http://dc223.4shared.com/download/.../mendes_dll_injector_v11.exe
