multiloader v.5.65.exe

MultiLoaderX 5.65

The executable multiloader v.5.65.exe has been detected as malware by 9 anti-virus scanners. It is a setup program used to install the application. The file is infected by the Parite virus, a polymorphic file-infecting virus that infects all portable EXE and SCR files found on local and shared network drives. The file has been seen being downloaded from dc372.4shared.com.

Product:
MultiLoaderX 5.65

Version:
1, 0, 0, 1

MD5:
f789c4eb9323775aec9c97fdd9af41e5

SHA-1:
f30dbd6f7de77d119a11e007e36910b5cd377190

SHA-256:
bb123c4c40ea115579042ec9915716bdf0f35008e946a7813b3f5703e131d44b

Scanner detections:
9 / 68

Status:
File is infected by a Virus

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
12/26/2024 5:58:37 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| avast! | Win32:Parite | 160518-2 |
| AVG | Win32/Parite | 2015.0.4568 |
| Dr.Web | Win32.Parite.2 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Win32.Parite | 11.5.0.6191 |
| ESET NOD32 | Win32/Parite.B virus | 7.0.302.0 |
| F-Prot | W32/Parite.B | 4.6.5.141 |
| McAfee | Virus.W32/Ramnit.a | 18.0.204.0 |
| Microsoft Security Essentials | Threat.Undefined | 1.221.14.0 |
| Norman | Win32.Parite.B | 19.05.2016 05:17:13 |

File size:
415 KB (424,922 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2006

Original file name:
MultiLoader.exe

File type:
Executable application (Win32 EXE)

Language:
Korean (Korea)

Common path:
C:\users\{user}\downloads\multiloader v.5.65.exe

File PE Metadata
Compilation timestamp:
9/7/2010 6:01:26 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:Ubao+VhiQdskOGA+FDerBi2Sx+16CEymH6hNUxxQCFdKxGeBgFF8SNwhQi:OijiQVFFh+16CZEQudKdBglNwhb

Entry address:
0x4AF000

Entry point:
90, 90, 68, 1C, 8F, 85, 01, 59, BE, 20, F0, 8A, 00, 68, 98, 05, 00, 00, 5A, FF, 34, 32, 31, 0C, 24, 8F, 04, 32, 4A, 83, EA, 03, 90, 90, 75, EF, F4, F2, 84, 01, 1C, 8F, 85, 01, 1C, 8F, C5, 01, 1C, 8F, CD, 01, AB, 4A, 86, 01, C6, 44, 86, 01, 1C, 3F, 87, 01, E3, 70, 7A, FE, A0, 7F, 02, 01, 8A, 7E, 02, 01, B8, 7E, 02, 01, 1C, 8F, 85, 01, 1C, 8F, 85, 01, 1C, 8F, 85, 01, A0, 5B, 85, 01, 88, 7E, C2, 01, BE, 7E, C2, 01, 1C, 8F, 85, 01, 1C, 8F, 85, 01, 1C, 8F, 85, 01, 1C, 8F, 85, 01, 1C, 8F, 85, 01, 1C, 8F, 85, 01...
 

Entropy:
7.6231

Code size:
48 KB (49,152 bytes)

The file multiloader v.5.65.exe has been seen being distributed by the following URL.
