» mu1recados.exe
Overview
Analysis
File Details
Downloads (1)

mu1recados.exe

Envio de Recados

www.microuniversity.com.br

This is a setup program which is used to install the application. The file has been seen being downloaded from dc270.4shared.com.

File name:

mu1recados.exe

Publisher:

www.microuniversity.com.br

Product:

Envio de Recados

Version:

1.00.0004

MD5:

2dc580a9b777292cd7dd521386e6becd

SHA-1:

cd4eec5bb67a1db579a60c9d95bb2d87fd5e44b5

SHA-256:

59b7ef0022bd5b42f382dd21cbf775940063edbdf505594acc213b620f675bc8

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

11/24/2024 12:10:36 AM UTC (today)

Scan engine

Detection

Engine version

Qihoo 360 Security

HEUR/QVM03.0.Malware.Gen

1.0.0.1015

Rising Antivirus

PE:Trojan.VBInject!1.64FA

23.00.65.16424

File size:

388 KB (397,312 bytes)

Product version:

1.00.0004

Original file name:

mu1recados.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\mu1recados.exe

File PE Metadata

Compilation timestamp:

11/7/2014 5:31:07 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

6144:aih2KmwUM6M5MkB6udx+uAHpLnoJ2hlOVS8n+O:a3KuM6M5Mwdfg7oTn+O

Entry address:

0x293C

Entry point:

68, 5C, 8C, 42, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 20, AA, 85, 52, 9C, AB, D3, 41, 8C, 07, DE, 3C, DF, 23, 60, 3B, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 2D, 43, 30, 30, 30, 2D, 50, 72, 6F, 6A, 65, 63, 74, 31, 00, 30, 34, 36, 7D, 23, 32, 2E, 00, 00, 00, 00, FF, CC, 31, 00, 30, ED, E1, 4E, 14, 91, 6F, F6, 40, 9A, B2, AE, 62, 2A, D3, 02, 8D, A3, 24, F3, 3A, C1, C0, 93, 44, A6, 46, 74, B7, 1B, 65, 26, C8, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00... 
[+]

Developed / compiled with:

Microsoft Visual Basic v5.0

Code size:

376 KB (385,024 bytes)

The file mu1recados.exe has been seen being distributed by the following URL.

http://dc270.4shared.com/download/.../mu1recados.exe

Scan mu1recados.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.