super-mario-bros-3.exe

The executable super-mario-bros-3.exe has been detected as malware by 13 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from down01.waxoo.com.
MD5:
5d4d631e3cac0561bb0ca81dd28811e5

SHA-1:
84cf6fadb3863360fb5787df4ba4ad21d3b765d7

SHA-256:
568af8f3e99a3583ca2fa02bd4423a0698ef19e73dafc5e14eda589be682a992

Scanner detections:
13 / 68

Status:
Malware

Analysis date:
12/25/2024 6:05:35 PM UTC

Scan engine               Detection                   Engine version
Lavasoft Ad-Aware         Trojan.Generic.11975137     792
Avira AntiVirus           TR/Rogue.1650176            7.11.187.36
avast!                    Win32:Malware-gen           2014.9-141204
Bitdefender               Trojan.Generic.11975137     1.0.20.1690
Emsisoft Anti-Malware     Trojan.Generic.11975137     8.14.12.04.07
F-Prot                    W32/A-b6aac9c2              v6.4.7.1.166
F-Secure                  Trojan.Generic.11975137     11.2014-04-12_5
G Data                    Trojan.Generic.11975137     14.12.24
MicroWorld eScan          Trojan.Generic.11975137     15.0.0.1014
nProtect                  Trojan.Generic.11975137     14.10.19.01
Reason Heuristics         Threat.Win.Reputation.IMP   15.6.29.1
Trend Micro House Call    TROJ_GEN.F47V0204           7.2.265
VIPRE Antivirus           Trojan.Win32.Generic        34910

File size:
1.6 MB (1,650,176 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\super-mario-bros-3.exe

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:BWQijSdiWDAGgTmo5xw0+7WAmwzZQzs5r+gNshIjrCvRPHoNo0ThYUhZ:BWtmbwDxkn9iwvj+oBThbh

Entry address:
0x14F8DC

Entry point:
55, 8B, EC, 83, C4, F0, B8, 04, F3, 54, 00, E8, 1C, 76, EB, FF, A1, C8, 70, 55, 00, 8B, 00, E8, 74, 2B, F2, FF, 8B, 0D, 50, 72, 55, 00, A1, C8, 70, 55, 00, 8B, 00, 8B, 15, C0, C3, 54, 00, E8, 74, 2B, F2, FF, 8B, 0D, A4, 72, 55, 00, A1, C8, 70, 55, 00, 8B, 00, 8B, 15, 98, 80, 54, 00, E8, 5C, 2B, F2, FF, A1, C8, 70, 55, 00, 8B, 00, E8, D0, 2B, F2, FF, E8, 87, 50, EB, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
1.3 MB (1,370,624 bytes)

The file super-mario-bros-3.exe has been seen being distributed by the following URL.
