mog.exe

Mx One Antivirus

Ldc

This is a setup program used to install the application. The file has been observed being downloaded from update.mxone.net.
Publisher:
Ldc

Product:
Mx One Antivirus

Version:
4.05

MD5:
1fc12b0e88582760ef90d5ab5ee7f296

SHA-1:
991f6a89402a54f8599bb5d33253373aa4bbfc26

Scanner detections:
5 / 68

Status:
Inconclusive (not enough data for an accurate detection)

Analysis date:
11/14/2024 3:08:23 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Clam AntiVirus | PUA.Packed.PECompact-1 | 0.98/18011 |
| Quick Heal | (Suspicious) - DNAScan | 4.16.11.00 |
| Rising Antivirus | Suspicious | 23.00.65.16422 |
| Sophos | Sus/VB-H | 4.67 |
| VIPRE Antivirus | Trojan.Win32.Generic | 10134 |

File size:
365 KB (373,760 bytes)

Product version:
4.05

Copyright:
Red Mx ( Martin Malagon )

Trademarks:
http://www.LdcMx.info http://www.MxOne.net

Original file name:
mog.exe

File type:
Executable application (Win32 EXE)

Language:
Spanish

Common path:
C:\Documents and Settings\{user}\Local settings\temporary internet files\content.ie5\{random}\mog.exe

File PE Metadata
Compilation timestamp:
6/23/2011 12:46:56 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:OojqecIJ6EsbJYN9LDIh93DdrmL1PkNK8aFT2qoJykvcBJmbvqopNno5Eu:B+e9J6EyJYN9LDy3Jrm5PkNKc3Jbvcrj

Entry address:
0x3A48

Entry point:
B8, FC, 9E, 57, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, FD, 8E, B2, 94, 29, 4B, 99, 86, A7, 14, B0, FF, 8A, 06, 44, F3, 83, B0, 71, A9, 12, 5E, 50, 75, 65, F7, 1A, C4, 1D, E9, B6, 70, 34, A7, 84, 31, 2C, 7F, A1, 04, 43, 01, E2, CD, F5, BE, FD, 49, EA, FD, FD, 4B, AC, 78, 60, C8, EF, 46, 45, 67, 02, 90, FE, A0, 6C, CA, 43, 3B, 1E, D1, E9, 49, 49, 33, 84, 14, 92, F4, 5B, A7, F3, B4, B8, 89, A7, 8F, 3F, C1, C9, DF, 26, 28, B2...
 

Packer / compiler:
PECompact v2

Code size:
1.4 MB (1,490,944 bytes)

The file mog.exe has been seen being distributed by the following URL.
