mog.exe

Mx One Antivirus

Ldc

This is a setup program which is used to install the application. The file has been seen being downloaded from update.mxone.net.

Publisher:
Ldc

Product:
Mx One Antivirus

Version:
4.05

MD5:
3803eb8c712501f83dff7cf8cac012e6

SHA-1:
448140c8f0f14e1d807e444a729257113ab67baf

SHA-256:
3f025ac065e305d7cdd63ecaf07aaf445800359601f414625aadf370b8ee0602

Scanner detections:
3 / 68

Status:
Inconclusive (not enough data for an accurate detection)

Analysis date:
11/14/2024 2:50:27 PM UTC

Scan engine             Detection                Engine version
Agnitum Outpost         Packed/PECompact         7.1.1
Bkav FE                 HW32.Packed              1.3.0.4959
Trend Micro House Call  Suspicious_GEN.F47V1103  7.2.329

File size:
369.5 KB (378,368 bytes)

Product version:
4.05

Copyright:
Red Mx ( Martin Malagon )

Trademarks:
http://www.LdcMx.info http://www.MxOne.net

Original file name:
mog.exe

File type:
Executable application (Win32 EXE)

Language:
Spanish

Common path:
C:\users\{user}\appdata\local\temporary internet files\content.ie5\{random}\mog.exe

File PE Metadata
Compilation timestamp:
10/14/2014 12:15:03 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:mXQCDX3Ruuxbt3L1JyBhYGnW01qEk2Dyta6zXX6umvCynnblHXqgFg:mXQoBFBBQBhLnopa6z6kybJqg

Entry address:
0x3BF8

Entry point:
B8, DC, 0E, 58, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 2A, F0, 99, A6, 87, 7B, C2, 19, 65, 23, 89, 0A, D5, 69, C7, 12, 48, FF, 03, 54, 7B, 57, 14, 13, E0, 95, 6C, 0C, 29, 5F, 2A, B8, 13, 15, 38, 53, 1C, 7F, 2D, 56, 1E, 92, 35, FD, 6F, 6B, 61, 70, B4, E8, 85, BA, 32, D9, F7, 58, E1, AF, 22, 04, 18, CF, D9, F8, 75, 54, 51, 41, 02, 0D, CA, 0E, F7, 1D, 7F, 7C, 61, 80, 16, BF, 36, 18, C3, D8, 3F, B3, ED, F8, 59, 3E, E7, 78, E7...
Entropy:
7.9944

Packer / compiler:
PECompact v2

Code size:
1.4 MB (1,519,616 bytes)

The file mog.exe has been seen being distributed by the following URL.
