home

מייצר מנויים למיקמק.exe

The executable מייצר מנויים למיקמק.exe has been detected as malware by 12 anti-virus scanners. The file has been seen being downloaded from serv23.f2h.co.il and multiple other hosts.
MD5:
25f3dac0361897ee48a8ae1311c5c9e7

SHA-1:
34ecdf6a85bc9c67e9bd440e0b95805398897b98

SHA-256:
7a343d3e376b42ca9cd6f94f7c79a1227ab534735ac40c88a28c44f247f981dc

Scanner detections:
12 / 68

Status:
Malware

Analysis date:
4/19/2024 9:17:54 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.12351079
483

Arcabit
Trojan.Generic.DBC7667
1.0.0.567

Bitdefender
Trojan.Generic.12351079
1.0.20.1410

Dr.Web
Trojan.DownLoader4.52460
9.0.1.0246

Emsisoft Anti-Malware
Trojan.Generic.12351079
8.15.10.09.03

F-Secure
Trojan.Generic.12351079
11.2015-09-10_6

G Data
Trojan.Generic.12351079
15.10.25

IKARUS anti.virus
Worm.Win32.AutoIt
t3scan.1.9.5.0

Kaspersky
HEUR:Trojan.Win32.Generic
14.0.0.1302

McAfee
Artemis!25F3DAC03618
5600.6617

MicroWorld eScan
Trojan.Generic.12351079
16.0.0.846

nProtect
Trojan.Generic.12351079
15.09.24.01

File size:
2.8 MB (2,963,968 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\????? ?????? ??????.exe

File PE Metadata
Compilation timestamp:
7/14/2011 9:52:19 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:Umv3oiwHRAKAr/PIDdX0/L5MSmXcoiwHRAKAr/PIDdX0/L5M:+o4Lo

Entry address:
0x17636A

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
3.5164

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.5 MB (1,524,736 bytes)

The file מייצר מנויים למיקמק.exe has been seen being distributed by the following 32 URLs.

http://serv23.f2h.co.il/.../yr4ax4479uhw|bf0169a6ed31be38e674424bf9cb5d7d

http://down.upf.co.il/downloadnew/file/.../403862fcae8eeda1048af7c9f84a7b15

http://f2h.nana10.co.il/.../yr4ax4479uhw|c4fc9be673e3f2fe00c7cb1af83520e6|.exe

http://down.upf.co.il/downloadnew/file/.../583271e867af1cce1126c4e43ce751fd_MTQ0MzYxNDg4MA==

http://down.upf.co.il/downloadnew/file/.../9fdcfa89bd7cd65346344409deecdd2f_MTQ1NDcwODY5NA==

http://down.upf.co.il/download2.php?file=40619622&hash=4d666c089f429e0a2147181892c4efcc&backup=1

http://serv23.f2h.co.il/.../yr4ax4479uhw|00b46daf880840654a3b6316507fbc55|.exe

http://down.upf.co.il/downloadnew/file/.../f1b9f97294bd7c633ce38f540fdc24e7?ip=212.76.96.150

http://down.upf.co.il/download2.php?file=40619622&hash=7c45a43c464a0d021001d9072f6c023e_MTQ1NDA5Njc3NA==&backup=1&ip=5.29.4.13

http://www.upf.co.il/downloadnew/file/.../20bcb87242b240cd7cedb3b6f5185c3f_MTQ0OTQyMDE4NQ==

http://down.upf.co.il/downloadnew/file/.../f772c7d2d7f4b9bbd83e15f03760b367?ip=37.142.196.156

http://down.upf.co.il/downloadnew/file/.../e881ede57c6c58ad4250e584c8f490ea?ip=109.64.31.178

http://www.upf.co.il/downloadnew/file/.../e8e85674c5fcebd6cb42d72273821c13_MTQ1MjAxOTIzMA==

http://down.upf.co.il/download2.php?file=40619622&hash=ed439aa3fa6380dbb506bdd5cb62ff2f_MTQ0NDA0OTM2Nw==&backup=1&ip=79.178.20.68

http://down.upf.co.il/downloadnew/file/.../9ba792f4f4d0a8dff49e2be8ae6c6906_MTQ0NDUxNDE1Mg==

http://down.upf.co.il/downloadnew/file/.../609d94cc0ac33e6c07b5a485a534ed4f?ip=85.250.110.182

http://f2h.nana10.co.il/.../yr4ax4479uhw|5b9f541601c1e798ea5d7d887416ad16|.exe

http://f2h.nana10.co.il/.../yr4ax4479uhw|1e2fa897c4f39aaebfa0dc52d98d2e75|.exe

http://www.upf.co.il/downloadnew/file/.../a79d914abca574535ae5e362f1a16ed1

http://www.upf.co.il/downloadnew/file/.../e0a3ddfcc0ce5d0fc023f0bf06797a94_MTQ1NTgxMTE2Ng==

http://down.upf.co.il/downloadnew/file/.../c0d94f482b058cc905c75268824c56e6?ip=109.64.177.84

http://www.upf.co.il/downloadnew/file/.../a17a37050e66dd5575235d59cd5d4457

http://www.upf.co.il/downloadnew/file/.../c35ccf0f81f72b328f83c803601ea627

http://down.upf.co.il/downloadnew/file/.../e349051ee013d83c26af862b97f3cecd

http://www.upf.co.il/downloadnew/file/.../3beba2b1f05b9230fdc216eca673c1fd_MTQ1NTc0MzE2MA==

http://down.upf.co.il/downloadnew/file/.../9b5e4855e02de1890001c04c04d3f3ad_MTQ0MzUyNjM0OQ==

http://down.upf.co.il/downloadnew/file/.../e35e1b74216776fa47b1a1ed5e00b77e_MTQ1NDUzMjkyMg==

http://down.upf.co.il/downloadnew/file/.../4cb217dbf5bb59769a3c59a3460dfc74_MTQ0NDQxMjA0Mw==

http://www.upf.co.il/downloadnew/file/.../4ef767c03597ba383f61ca090f6b3da0_MTQ1NTU1MTY1NA==

http://www.upf.co.il/downloadnew/file/.../14ee2722c398fd2dfaf5372d2f262a91

Latest 30 of 32 download URLs

Remove מייצר מנויים למיקמק.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.