home

mu1exportaturmas.exe

mu1exportaturmas

www.microuniversity.com.br

The executable mu1exportaturmas.exe, “Exportador Mysql X Microsoft Access®-Turmas” has been detected as malware by 9 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dc541.4shared.com.
Publisher:
www.microuniversity.com.br

Product:
mu1exportaturmas

Description:
Exportador Mysql X Microsoft Access®-Turmas

Version:
1.00.0001

MD5:
f6fc2184aa3358c079b759c9eb7b3c8a

SHA-1:
aa1474dbe6e4c55b1ddeb012b080398b9d31ce14

SHA-256:
24009851a6d096b513cbdcd7cf2d014c6bf5940f0d7a2ab4a343c53cca52675f

Scanner detections:
9 / 68

Status:
Malware

Analysis date:
12/26/2024 6:03:25 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.13072317
244

Bitdefender
Trojan.Generic.13072317
1.0.20.780

Emsisoft Anti-Malware
Trojan.Generic.13072317
8.16.06.04.02

F-Secure
Trojan.Generic.13072317
11.2016-04-06_7

G Data
Trojan.Generic.13072317
16.6.25

MicroWorld eScan
Trojan.Generic.13072317
17.0.0.468

nProtect
Trojan.Generic.13072317
15.03.30.01

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1015

Rising Antivirus
PE:Trojan.VBInject!1.64FA
23.00.65.16602

File size:
180 KB (184,320 bytes)

Product version:
1.00.0001

Original file name:
mu1exportaturmas.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\mu1exportaturmas.exe

File PE Metadata
Compilation timestamp:
10/22/2013 12:20:40 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:g1eLLuXS8y84u9XDWepTKaHDkrPUEEDb:gMOhy8LD9pThDf

Entry address:
0x1E80

Entry point:
68, B0, 7B, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, B4, 7F, 7C, E1, 6B, 45, FE, 47, A8, CA, C7, 67, 08, B5, 77, 38, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 20, 42, 65, 67, 69, 6E, 50, 72, 6F, 6A, 65, 63, 74, 31, 00, 20, 6C, 62, 6C, 41, 63, 63, 00, 00, 00, 00, FF, CC, 31, 00, 06, 65, F6, 67, 87, 5E, 74, FE, 46, B6, 30, CC, AC, 23, EB, 67, 0D, 2C, BC, 04, D5, 05, 7A, 91, 46, BB, 11, 48, 0A, 29, DB, 85, F7, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
148 KB (151,552 bytes)

The file mu1exportaturmas.exe has been seen being distributed by the following URL.

http://dc541.4shared.com/download/.../mu1exportaturmas.exe

Remove mu1exportaturmas.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.