v62 localhost.exe

Wizet MapleStory

Wizet

The executable v62 localhost.exe, “MapleStory Localhost by Jammerx2” has been detected as malware by 1 anti-virus scanner. The file has been seen being downloaded from download1583.mediafire.com.
Publisher:
Wizet

Product:
Wizet MapleStory

Description:
MapleStory Localhost by Jammerx2

Version:
1, 0, 0, 1

MD5:
1d87be29ee34feba789fc576a89a4351

SHA-1:
d39a2ad116a48c42ea18618ba3395a7d9b368b8d

SHA-256:
b74af796bc03170b405ea8bc405ce1a4a03267bdd43eda4cbd02f8e8cfbb8630

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/26/2024 12:26:12 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Threat.Win.Reputation.IMP
16.7.23.7

File size:
7.5 MB (7,909,376 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright ? 2003

Original file name:
MapleStory.exe

File type:
Executable application (Win32 EXE)

Language:
Korean (Korea)

Common path:
C:\users\{user}\downloads\v62 localhost.exe

File PE Metadata
Compilation timestamp:
11/11/2008 2:23:53 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:xQttsby/VhoxNCsLYrlwLEhbyjU1yde0A0cgPm9v/PPJrDP6C:xutVVhqC5mEhp0sxrz6

Entry address:
0x47C9DF

Entry point:
55, 8B, EC, 6A, FF, 68, 28, 3F, 8F, 00, 68, 1C, B1, 87, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 5C, 81, 8E, 00, 33, D2, 8A, D4, 89, 15, B8, 06, 98, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, B4, 06, 98, 00, C1, E1, 08, 03, CA, 89, 0D, B0, 06, 98, 00, C1, E8, 10, A3, AC, 06, 98, 00, 6A, 01, E8, 83, 36, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 9D, 18, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...
 
[+]

Entropy:
6.8591

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
4.9 MB (5,140,480 bytes)

The file v62 localhost.exe has been seen being distributed by the following URL.

Remove v62 localhost.exe - Powered by Reason Core Security