home

mog.exe

Mx One Antivirus

Ldc

This is a setup program which is used to install the application. The file has been seen being downloaded from update.mxone.net.
Publisher:
Ldc

Product:
Mx One Antivirus

Version:
4.05

MD5:
9fac4c56c70a03433181323c905655a5

SHA-1:
6b7b3abc40a50aa23f8c01df9f2a2d0239c60e4a

SHA-256:
baa84c5b5bdadd788931ac8b8b9404ef28b945e0eeea34be26c0028468594295

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/14/2024 3:14:54 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/PECompact
7.1.1

avast!
Win32:Malware-gen
2014.9-150202

Trend Micro House Call
Suspicious_GEN.F47V0116
7.2.33

File size:
369.5 KB (378,368 bytes)

Product version:
4.05

Copyright:
Red Mx ( Martin Malagon )

Trademarks:
http://www.LdcMx.info http://www.MxOne.net

Original file name:
mog.exe

File type:
Executable application (Win32 EXE)

Language:
Spanish

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\mog.exe

File PE Metadata
Compilation timestamp:
1/3/2015 1:36:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:xwOtCjW6VXUudeZ01wbUhSdkoTfQ5enHMW1YLOTp9gvJALA:xztEz9jdc01wbzdlWAN1YKQB

Entry address:
0x3BF8

Entry point:
B8, DC, 1E, 58, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 78, 6E, B0, 14, FB, 88, 2C, A7, C8, 57, B1, 3C, 1F, 67, 6C, 65, 0B, 3C, E1, 39, 02, AC, 6D, A0, 3D, AB, D5, 34, 26, B4, 6F, B4, 49, 9B, FB, 99, B1, 5D, 58, 56, 43, 14, 6A, 39, C0, 8D, 7F, DA, 37, E3, 49, BA, 13, 5C, 10, 80, 83, B7, 73, 41, 40, 98, 3E, 78, 4B, DE, 26, 57, BC, ED, 15, BA, 6C, CE, AA, 08, F8, 6A, DA, 92, 76, EB, 28, AD, 12, 94, 87, 44, 5E, ED, 64, 5C, C2...
 
[+]

Packer / compiler:
PECompact v2

Code size:
1.5 MB (1,523,712 bytes)

The file mog.exe has been seen being distributed by the following URL.

http://update.mxone.net/mog.exe

Scan mog.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.