mu1rellog.exe

Relatório de Logs

www.microuniversity.com.br

This is a setup program which is used to install the application. The file has been seen being downloaded from dc739.4shared.com.
Publisher:
www.microuniversity.com.br

Product:
Relatório de Logs

Version:
1.00.0007

MD5:
58cab5ac7867d1ad43f8ff8118797aa0

SHA-1:
c1575161eee239423b8d2615e47eec56cd46902b

SHA-256:
5fa2c3c4e64745056452f6fdfa9e60372195f7e90622f22897a0220c8639720a

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
11/27/2024 12:55:44 AM UTC

Scan engine | Detection | Engine version
Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1015
Rising Antivirus | PE:Trojan.VBInject!1.64FA | 23.00.65.16424

File size:
448 KB (458,752 bytes)

Product version:
1.00.0007

Original file name:
mu1rellog.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\mu1rellog.exe

File PE Metadata
Compilation timestamp:
11/7/2014 5:39:39 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:hNdfkT42Q6O9qjNE9s5gxh9YJiKEZAVCTM041pFgh9zNKClX7unhXALB2WvY5r30:hNFuDBE9M+xKsrE5r3f2cOFbEsIt

Entry address:
0x2544

Entry point:
68, 5C, 1C, 42, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 02, 89, 45, E5, E9, DB, 87, 43, 99, B7, 4E, 64, 91, E4, ED, D0, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 36, 2D, 38, 35, 39, 34, 50, 72, 6F, 6A, 65, 63, 74, 31, 00, 45, 35, 37, 41, 7D, 23, 39, 00, 00, 00, 00, FF, CC, 31, 00, 31, CE, E8, EC, 1E, C9, F9, A3, 43, AC, 42, 2C, 7E, 49, A2, BF, 28, 15, 67, DE, A4, 87, D4, E5, 43, 97, 61, F1, 88, 6D, DD, 89, D8, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
436 KB (446,464 bytes)

The file mu1rellog.exe has been seen being distributed by the following URL.

Scan mu1rellog.exe - Powered by Reason Core Security