mspass.zip
The file mspass.zip has been detected as a potentially unwanted program by 23 anti-malware scanners. The file has been seen being downloaded from www.nirsoft.net and multiple other hosts.
MD5:
2cbe2a7e5e4064022a7a52a823e51b0a
SHA-1:
b36f51256f05bbae9d9386c623626908fae71d5e
SHA-256:
7bc1dc7ff89b14da813d57857d0dcff98194211a410c9c3a7a43871fff277a42
Scanner detections:
23 / 68
Status:
Potentially unwanted
Analysis date:
12/27/2024 2:29:17 AM UTC (today)
Scan engine
Detection
Engine version
Lavasoft Ad-Aware
Gen:Application.Heur.emKfkOTC9tdO
6376365
Agnitum Outpost
Riskware.Agent
7.1.1
avast!
Win32:PassView-V [PUP]
2014.9-150218
AVG
PasswordViewer.E
2016.0.3195
Baidu Antivirus
Hacktool.Win32.MPass
4.0.3.15218
Bitdefender
Gen:Application.Heur.emKfkOTC9tdO
1.0.20.245
Comodo Security
ApplicUnsaf.Win32.PSWTool.Messen.SG
21046
Dr.Web
Threat.Undefined
9.0.1.05190
Emsisoft Anti-Malware
Gen:Application.Heur.emKfkOTC9tdO
9.0.0.4799
ESET NOD32
Win32/MPass.B potentially unsafe application
7.0.302.0
Fortinet FortiGate
Riskware/PassView
2/18/2015
F-Secure
Gen:Application.Heur.emKfkOTC9tdO
11.2015-18-02_4
G Data
Gen:Application.Heur.emKfkOTC9tdO
15.2.25
K7 AntiVirus
Trojan
13.194.14941
McAfee
Program.Artemis!DF218168BF83
16.8.708.2
MicroWorld eScan
Gen:Application.Heur.emKfkOTC9tdO
16.0.0.147
NANO AntiVirus
Riskware.Win32.PassView.dffttm
0.30.0.65070
Norman
Gen:Application.Heur.emKfkOTC9tdO
02.01.2015 13:58:24
Quick Heal
HackTool.Mspass.W4
2.15.14.00
Trend Micro House Call
HKTL_PASSVIEW
7.2.49
Trend Micro
HKTL_PASSVIEW
10.465.18
VIPRE Antivirus
Nirsoft Password Recovery (not malicious)
37466
ViRobot
Trojan.Win32.S.Agent.72105[h]
2014.3.20.0
File size:
70.4 KB (72,105 bytes)
Common path:
C:\users\{user}\downloads\mspass.zip
The file mspass.zip has been seen being distributed by the following 2 URLs.