mta vip generator 2015v.exe

MTA VIP Generator 2016v

The executable mta vip generator 2015v.exe has been detected as malware by 2 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from hostuje.net.
Product:
MTA VIP Generator 2016v

Version:
1.0.0.0

MD5:
5f0645c8274a571ebc94b66243ce6dae

SHA-1:
5e1b9123c11140b98db9406ff04ab5f6e6a2f04d

SHA-256:
976a9f43345357136a331cd52aff6f600f2ad8e4512a37bd27bf658f21d5dbff

Scanner detections:
2 / 68

Status:
Malware

Analysis date:
1/13/2025 5:47:05 PM UTC

Scan engine | Detection | Engine version
Dr.Web | Trojan.KillProc.37708 | 9.0.1.05190
ESET NOD32 | MSIL/PSW.Agent.NFI trojan | 8.0.319.0

File size:
393 KB (402,432 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2016

Original file name:
MTA VIP Generator 2016v.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\mta vip generator 2015v.exe

File PE Metadata
Compilation timestamp:
1/28/2016 7:20:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:IYRLBIAuqPSXOWrtXl9ClXJ6hc5F3LLXFsmj5co/Z:rLBIXqqfCD5F33XFsXox

Entry address:
0x62FCE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, F9, 5B, AA, 56, 00, 00, 00, 00, 02, 00, 00, 00, A7, 00, 00, 00, 1C, 40, 06, 00, 1C, 14, 06, 00, 52, 53, 44, 53, 43, 04, 34, E7, 52, BB, 7B, 4A, A7, 44, 9A, 38, 8C, 62, AA, 06, 01, 00, 00, 00, 43, 3A, 5C, 55, 73, 65, 72, 73, 5C, 4C, 75, 63, 4B, 79, 5C, 44, 6F, 63, 75, 6D, 65, 6E, 74, 73, 5C, 56...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
388 KB (397,312 bytes)

The file mta vip generator 2015v.exe has been seen being distributed by the following URL.
