msx.exe

fdfsdf

fewfewfewfwe

The executable msx.exe has been detected as malware by 31 anti-virus scanners.
Publisher:
fewfewfewfwe

Product:
fdfsdf

Description:
we

Version:
4.3.3.2

MD5:
7105e67c173b575d0b5b6d7f48bd245d

SHA-1:
2f23d92ecc67270d76a0186cd682fd33eb3d0b53

SHA-256:
5ca53f5eb9f019621fa3a602fbf8686d42d3baa7f3501b8992e729e025984099

Scanner detections:
31 / 68

Status:
Malware

Analysis date:
12/28/2024 5:59:01 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Symmi.45442 | 303
Agnitum Outpost | Trojan.PWS.Agent | 7.1.1
AhnLab V3 Security | Packed/Win32.Malpacked | 2015.12.20
Avira AntiVirus | TR/Spy.Banker.ABAA | 8.3.2.4
Arcabit | Trojan.Symmi.DB182 | 1.0.0.629
avast! | Win32:Malware-gen | 2014.9-160406
AVG | Generic11_c | 2017.0.2781
Baidu Antivirus | Trojan.Win32.Banker | 4.0.3.1646
Bitdefender | Gen:Variant.Symmi.45442 | 1.0.20.485
Bkav FE | W32.HfsAutoB | 1.3.0.7383
Comodo Security | UnclassifiedMalware | 23796
Dr.Web | Trojan.SMSSend.5275 | 9.0.1.097
Emsisoft Anti-Malware | Gen:Variant.Symmi.45442 | 8.16.04.06.12
ESET NOD32 | Win32/Spy.Banker.ABAA | 10.12749
Fortinet FortiGate | W32/Agent.KJO!tr | 4/6/2016
F-Secure | Gen:Variant.Symmi.45442 | 11.2016-06-04_4
G Data | Gen:Variant.Symmi.45442 | 16.4.25
K7 AntiVirus | Trojan | 13.212.18161
Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.402
Malwarebytes | Trojan.Agent.DE | v2016.04.06.12
McAfee | Artemis!7105E67C173B | 5600.6437
MicroWorld eScan | Gen:Variant.Symmi.45442 | 17.0.0.291
NANO AntiVirus | Trojan.Win32.Agent.dctueu | 1.0.10.5081
Panda Antivirus | Trj/CI.A | 16.04.06.12
Sophos | Mal/Generic-S | 4.98
Trend Micro House Call | TROJ_BANKER.WUVZ | 7.2.97
Trend Micro | TROJ_BANKER.WUVZ | 10.465.06
Vba32 AntiVirus | TrojanBanker.Agent | 3.12.26.4
VIPRE Antivirus | Trojan.Win32.Generic | 45948
ViRobot | Trojan.Win32.A.Agent.2073088.A[h] | 2014.3.20.0
Zillya! Antivirus | Trojan.Agent.Win32.474162 | 2.0.0.2571

File size:
2 MB (2,073,088 bytes)

Product version:
1.0.0.0

Copyright:
efwef

Trademarks:
fsdfw

Original file name:
fewfew

File type:
Executable application (Win32 EXE)

Language:
Brazilian Portuguese

Common path:
C:\users\{user}\appdata\roaming\msx.exe

File PE Metadata
Compilation timestamp:
7/11/2014 1:14:31 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:1AKlcV5+YE6hxI6WjrxvjmAg96vSgaxRk3J/dq0BHiKri0tc:aIU5+YHx9Wn8PAvSc/40oKe

Entry address:
0x4F9000

Entry point:
83, EC, 04, 50, 53, E8, 01, 00, 00, 00, CC, 58, 89, C3, 40, 2D, 00, B0, 12, 00, 2D, 8F, 8E, 0A, 10, 05, 84, 8E, 0A, 10, 80, 3B, CC, 75, 19, C6, 03, 00, BB, 00, 10, 00, 00, 68, D2, FE, F2, 57, 68, 72, 72, F8, 72, 53, 50, E8, 0A, 00, 00, 00, 83, C0, 00, 89, 44, 24, 08, 5B, 58, C3, 55, 89, E5, 50, 53, 51, 56, 8B, 75, 08, 8B, 4D, 0C, C1, E9, 02, 8B, 45, 10, 8B, 5D, 14, 85, C9, 74, 0A, 31, 06, 01, 1E, 83, C6, 04, 49, EB, F2, 5E, 59, 5B, 58, C9, C2, 10, 00, 75, 5A, A7, 9D, 45, A1, 26, 24, 50, 4A, 6B, 67, 1A, 45...
 

Code size:
1.4 MB (1,512,448 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to origin.blu180.mail.live.com  (65.55.118.92:80)

TCP (HTTP SSL):
Connects to a104-105-134-47.deploy.static.akamaitechnologies.com  (104.105.134.47:443)

TCP (HTTP SSL):
Connects to a-0006.dc-msedge.net  (131.253.33.208:443)
