setup_moorhuhnwe_aycs.exe

Moorhuhn Winter-Edition

Phenomedia AG

The executable setup_moorhuhnwe_aycs.exe has been detected as malware by 10 anti-virus scanners. It is a setup program used to install the application. The file has been observed being downloaded from www.winsoftware.de.
Publisher:
Phenomedia AG

Product:
Moorhuhn Winter-Edition

Version:
1.00.000.AYCS.DE

MD5:
79d41ae56aa1e75cd87b138c5f9d297f

SHA-1:
cd7472e199b1d4168e7f9ce1d62ae2531633ec12

SHA-256:
b0b6322e0535190c5070b5fa7d3a539cb8555f9a2b5a057cb9c63828b2871f6b

Scanner detections:
10 / 68

Status:
Malware

Analysis date:
11/5/2024 2:25:29 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| avast! | Win32:Jadtre-A [Drp] | 160414-2 |
| AVG | Win32/Agent.BQ | 2015.0.4568 |
| Dr.Web | Trojan.Starter.1410 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Win32.Viking.AZ | 11.5.0.6191 |
| ESET NOD32 | Win32/Wapomi.A virus | 8.0.319.0 |
| F-Prot | W32/Pikor.A | 4.6.5.141 |
| McAfee | Virus.W32/Fujacks.be | 18.0.204.0 |
| Microsoft Security Essentials | Threat.Undefined | 1.221.795.0 |
| Norman | Win32.Viking.AZ | 19.05.2016 05:17:13 |
| VIPRE Antivirus | Threat.4722626 | 49494 |

File size:
5.1 MB (5,365,760 bytes)

Product version:
1.00.000.AYCS.DE

Original file name:
stub32i.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\setup_moorhuhnwe_aycs.exe

File PE Metadata
Compilation timestamp:
9/5/2001 8:02:57 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:lN4Pp+TaU8gG9B6B4mP+mAT03eJFBaqYXaj96UrfE1ykOT:Z+zgGjiTMGeJ/aL8xrf+ykO

Entry address:
0x47000

Entry point:
55, 8B, EC, 83, EC, 70, 53, 83, 65, D0, 00, 83, 65, F8, 00, 83, 65, D8, 00, 33, C0, 66, 89, 45, CC, 83, 65, E0, 00, 83, 65, EC, 00, 83, 65, E4, 00, 83, 65, F4, 00, 83, 4D, DC, FF, 83, 65, D4, 00, 83, 65, C8, 00, 83, 65, E8, 00, 83, 65, F0, 00, 83, 65, FC, 00, C7, 45, AC, 72, 6F, 63, 41, 90, 90, 90, B8, 2F, 00, 00, 00, 40, 64, FF, 30, 5B, 89, 5D, E0, 8B, 45, E0, 8B, 40, 0C, 8B, 40, 1C, 8B, 00, 89, 45, EC, C7, 45, A8, 47, 65, 74, 50, 8B, 45, EC, 8B, 40, 08, 89, 45, F4, C7, 45, B4, 73, 73, 00, 00, 8B, 45, F4...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
160 KB (163,840 bytes)

The file setup_moorhuhnwe_aycs.exe has been seen being distributed by the following URL.
