home

romastersu_2.2.8_151222_2075.apk

The file romastersu_2.2.8_151222_2075.apk has been detected as a potentially unwanted program by 14 anti-malware scanners. The file has been seen being downloaded from soft.mgyun.com.
MD5:
45ef2d1f2ea652827fdcb15859f07317

SHA-1:
090389209f56735728b719acc31b895c2574fbe3

SHA-256:
f926c4ba1065dc68a0ea7cc32c87ab808e52e09144b3237af67b4d086da99538

Scanner detections:
14 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 10:29:45 AM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
Android-AppCare/Galf.922f
2015.12.25

Avira AntiVirus
TR/Crypt.XPACK.Gen2
7.11.30.172

avast!
Android:SpyAgent-RP [Trj]
2014.9-151225

AVG
Android/G2P.CN.1A9150309ABB
2016.0.2884

Bkav FE
Android.adware.ncc
1.3.0.7400

Dr.Web
infected with Android.Spy.144.origin
9.0.1.05190

ESET NOD32
Android/Spy.Agent.PI trojan
7.0.302.0

Fortinet FortiGate
Android/Agent.PI!tr.spy
12/25/2015

IKARUS anti.virus
PUA.AndroidOS.Mgyun
t3scan.1.9.5.0

McAfee
Trojan.Artemis!7B9CA67CF8B2
18.0.204.0

NANO AntiVirus
Trojan.Android.Agent.dmhqgc
1.0.14.5317

Quick Heal
Android.Agent.HW (Suspicious PUP)
12.15.14.00

Sophos
PUA 'Android MgyunRoot' (of type Hacktool)
5.22

VIPRE Antivirus
Trojan.AndroidOS.Generic.A
46052

File size:
5.2 MB (5,471,725 bytes)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\romastersu_2.2.8_151222_2075.apk

The file romastersu_2.2.8_151222_2075.apk has been seen being distributed by the following URL.

http://soft.mgyun.com/files/products/romastersu/2075/2015/.../RomasterSu_2.2.8_151222_2075.apk

Remove romastersu_2.2.8_151222_2075.apk - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.