mvof48b.exe

The application mvof48b.exe has been detected as a potentially unwanted program by 11 anti-malware scanners.
MD5:
d18cd40a924b3f17d9d371466497a403

SHA-1:
e86cba13ce17f25d7fe2822a756b086d7b1f5416

SHA-256:
7fac13e7d62e8b68daba194e3780202f135569ff044859b20685902a48903ecd

Scanner detections:
11 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 4:23:58 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Trash.Gen
7.11.30.172

avast!
MSIL:Downloader-NG [PUP]
2014.9-150416

Baidu Antivirus
Adware.MSIL.Imali
4.0.3.15718

Bkav FE
HW32.Packed
1.3.0.6379

ESET NOD32
MSIL/Adware.Imali (variant)
9.11396

G Data
MSIL.Adware.OfferInstaller
15.7.25

herdProtect (fuzzy)
2015.7.18.7

IKARUS anti.virus
AdWare.MSIL.Imali
t3scan.1.8.9.0

Kaspersky
not-a-virus:AdWare.MSIL.Agent
14.0.0.1719

Malwarebytes
PUP.Optional.OfferInstaller.C
v2015.07.18.07

Sophos
Offer Installer
4.98

File size:
298 KB (305,152 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\mvof48b.exe

File PE Metadata
Compilation timestamp:
3/29/2015 1:34:12 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:BFZT8qbTR7SquD4L8vioH/X8i9DLnHWcefjVo8bS5V/NZi4L:LZwgVxGq86oH/MKvnolg/zL

Entry address:
0x4B5EE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 10, 00, 00, 00, 20, 00, 00, 80, 18, 00, 00, 00, 38, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 50, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 68, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9198

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
293.5 KB (300,544 bytes)

Remove mvof48b.exe - Powered by Reason Core Security