30morghsite.exe

30morghsite

The executable 30morghsite.exe, “30morghsite Proxy”, has been detected as malware by 26 anti-virus scanners.
Publisher:
30morghsite

Product:
30morghsite

Description:
30morghsite Proxy

Version:
0.05.0002

MD5:
15afc07f30a4306b38980ff91b15e8e8

SHA-1:
9da3fa47328a630efa474161ddf72495f75dd5a8

SHA-256:
a675e3a6b9bc5b0b8cbaf4f00c2833a2f2bc48a98ebad181092032a75db2e160

Scanner detections:
26 / 68

Status:
Malware

Analysis date:
5/4/2024 5:19:16 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Win32.FileInfector.Wn0@aKDlY6cO | 904 |
| Avira AntiVirus | TR/Rogue.28672.48 | 7.11.165.44 |
| avast! | Win32:Malware-gen | 2014.9-141101 |
| AVG | Generic36 | 2015.0.3304 |
| Baidu Antivirus | Trojan.Win32.Genome | 4.0.3.14111 |
| Bitdefender | Gen:Win32.FileInfector.Wn0@aKDlY6cO | 1.0.20.1135 |
| Comodo Security | UnclassifiedMalware | 19085 |
| Emsisoft Anti-Malware | Gen:Win32.FileInfector.Wn0@aKDlY6cO | 8.14.08.15.03 |
| ESET NOD32 | probably unknown NewHeur_PE | 8.10202 |
| Fortinet FortiGate | W32/Genome.IAQF!tr.dldr | 11/1/2014 |
| F-Prot | W32/VB-Downloader-Sml-based!Max | v6.4.7.1.166 |
| F-Secure | Gen:Win32.FileInfector.Wn0@aKDlY6cO | 11.2014-15-08_6 |
| G Data | Gen:Win32.FileInfector.Wn0@aKDlY6cO | 14.8.24 |
| IKARUS anti.virus | Trojan-Downloader.Win32.Genome | t3scan.1.6.1.0 |
| K7 AntiVirus | NetWorm | 13.182.12945 |
| Kaspersky | Trojan-Downloader.Win32.Genome | 14.0.0.3014 |
| McAfee | Artemis!6BF06056E9CD | 5600.6960 |
| MicroWorld eScan | Gen:Win32.FileInfector.Wn0@aKDlY6cO | 15.0.0.681 |
| NANO AntiVirus | Trojan.Win32.Genome.dcwtjq | 0.28.2.61349 |
| Norman | Troj_Generic.VCYRE | 11.20141101 |
| Qihoo 360 Security | Win32/Trojan.244 | 1.0.0.1015 |
| Rising Antivirus | PE:Trojan.Win32.Generic.171028C4!386934980 | 23.00.65.141030 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_GEN.R047H07GT14 | 7.2.227 |
| VIPRE Antivirus | Trojan.Win32.Generic | 31922 |
| ViRobot | Trojan.Win32.A.Downloader.1839104.AD | 2011.4.7.4223 |

File size:
1.7 MB (1,789,952 bytes)

Product version:
0.05.0002

Copyright:
Copyright © 2009-2014 30morghsite Group

Original file name:
30morghsite.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
7/17/2014 8:33:09 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:tA3541CJyOkPj+UXoIUN6h1vup1oUIsWo7E63+Mg4gEFhayhsyoc9:tOtJyj+iop1oUIC7ES+M9gGb9

Entry address:
0x247C

Entry point:
68, EC, 27, 40, 00, E8, F0, FF, FF, FF, 00, 00, 48, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 9D, 06, A3, F7, A1, BE, B1, 45, BB, 4D, 8C, B9, 88, 13, A5, AB, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 73, 69, 6D, 6F, 72, 67, 68, 73, 69, 74, 65, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 90, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 02, 00, 00, 00, F3, 28, 3D, C3, EC, 89, F5, 48, A7, 69, 20, 94, CC, 2A, 93, 43, 01, 00, 00, 00, A0, 00, 00, 00...
 

Entropy:
6.2300

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
132 KB (135,168 bytes)
