» mq2.cpl
Overview
Analysis
File Details

mq2.cpl

The file mq2.cpl has been detected as malware by 30 anti-virus scanners.

File name:

mq2.cpl

MD5:

9a4639f6ec15145cec9e2e1dc3a4e340

SHA-1:

cbd29d4a301f101b8f5c72221c0b530d4265e60a

SHA-256:

3e3dd2b50b416d60c2de29d4db3695ea2f59df0531cc93b474ac52f004c27b63

Scanner detections:

30 / 68

Status:

Malware

Analysis date:

11/29/2024 4:42:17 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Barys.3546

-41

Agnitum Outpost

TrojanSpy.Banker

7.1.1

Avira AntiVirus

TR/ATRAPS.Gen

7.11.151.104

avast!

Win32:Delf-TBQ [Trj]

2014.9-170316

AVG

PSW.Banker6

2018.0.2437

Baidu Antivirus

Trojan.Win32.Stoldt

4.0.3.17316

Bitdefender

Gen:Variant.Barys.3546

1.0.20.375

Comodo Security

UnclassifiedMalware

18321

Dr.Web

Trojan.PWS.Banker1.12739

9.0.1.075

Emsisoft Anti-Malware

Gen:Variant.Barys.3546

8.17.03.16.12

ESET NOD32

Win32/Spy.Banker.XHH (variant)

11.9848

Fortinet FortiGate

W32/Banker.XHH!tr

3/16/2017

F-Secure

Gen:Variant.Barys.3546

11.2017-16-03_5

G Data

Gen:Variant.Barys.3546

17.3.24

IKARUS anti.virus

Trojan-Banker.Win32.Banbra

t3scan.1.6.1.0

K7 AntiVirus

Riskware

13.178.12184

Kaspersky

Trojan.Win32.Stoldt

14.0.0.-1318

McAfee

GenericR-ABO!9A4639F6EC15

5600.6093

Microsoft Security Essentials

TrojanDownloader:Win32/Peguese.J

1.10600

MicroWorld eScan

Gen:Variant.Barys.3546

18.0.0.225

NANO AntiVirus

Trojan.Win32.Stoldt.csxjqv

0.28.0.59921

Norman

Troj_Generic.FNDWV

11.20170316

Panda Antivirus

Trj/OCJ.D

17.03.16.12

Qihoo 360 Security

HEUR/Malware.QVM25.Gen

1.0.0.1015

Rising Antivirus

PE:Trojan.Win32.Generic.13737860!326334560

23.00.65.17314

Sophos

Mal/Generic-L

4.98

Trend Micro House Call

TROJ_GEN.R0CBC0CLC13

7.2.75

Trend Micro

TROJ_GEN.R0CBC0CLC13

10.465.16

Vba32 AntiVirus

Trojan.Stoldt

3.12.26.0

VIPRE Antivirus

Trojan.Win32.Generic

29608

File size:

1 MB (1,100,800 bytes)

Common path:

C:\users\{user}\appdata\roaming\verpetrônio-pc\mq2.cpl

File PE Metadata

Compilation timestamp:

6/19/1992 7:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

Entry address:

0xA8D94

Entry point:

55, 8B, EC, 83, C4, C4, B8, E4, 89, 4A, 00, E8, 2C, D4, F5, FF, 33, C0, 55, 68, C0, 8D, 4A, 00, 64, FF, 30, 64, 89, 20, 33, C0, 5A, 59, 59, 64, 89, 10, 68, C7, 8D, 4A, 00, C3, E9, DB, AA, F5, FF, EB, F8, E8, 68, B0, F5, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

671.5 KB (687,616 bytes)

Remove mq2.cpl - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.