camfrog 6.5 pro.exe

Camfrog 6.5 Pro

My Company, Inc.

The executable camfrog 6.5 pro.exe, “Camfrog 6.5 Pro Setup”, has been detected as malware by 24 anti-virus scanners. The program is a setup application that uses the Inno Setup installer; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from download1294.mediafire.com.
Publisher:
My Company, Inc.

Product:
Camfrog 6.5 Pro

Description:
Camfrog 6.5 Pro Setup

MD5:
3da325b5d2ec793dbee270a2c021954a

SHA-1:
dc9d5414359842fd73349500dcf41e8251caefc4

SHA-256:
d19183a8cae51a3f4d1920a1fadea47809f9fa7205835c11de23566730129a98

Scanner detections:
24 / 68

Status:
Malware

Analysis date:
4/25/2024 5:49:20 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.Generic.10426879 | 386 |
| Avira AntiVirus | TR/Spy.Agent.NFX.651 | 7.11.212.246 |
| AVG | PSW.MSIL | 2017.0.2864 |
| Baidu Antivirus | Trojan.MSIL.Agent | 4.0.3.16114 |
| Bitdefender | Trojan.Generic.10426879 | 1.0.20.70 |
| Comodo Security | UnclassifiedMalware | 21250 |
| Emsisoft Anti-Malware | Trojan.Generic.10426879 | 8.16.01.14.08 |
| ESET NOD32 | MSIL/PSW.Agent.NFX (variant) | 10.11249 |
| Fortinet FortiGate | MSIL/Agent.NFX!tr.pws | 1/14/2016 |
| F-Secure | Trojan.Generic.10426879 | 11.2016-14-01_5 |
| G Data | Trojan.Generic.10426879 | 16.1.25 |
| IKARUS anti.virus | Trojan.SuspectCRC | t3scan.1.8.6.0 |
| Kaspersky | UDS:DangerousObject.Multi.Generic | 14.0.0.816 |
| McAfee | Artemis!3DA325B5D2EC | 5600.6520 |
| MicroWorld eScan | Trojan.Generic.10426879 | 17.0.0.42 |
| NANO AntiVirus | Trojan.Win32.Agent.ctyqvp | 0.30.0.296 |
| Norman | Suspicious_Gen4.FZWEJ | 11.20160114 |
| nProtect | Trojan.Generic.10426879 | 15.02.27.01 |
| Panda Antivirus | Trj/CI.A | 16.01.14.08 |
| Qihoo 360 Security | Win32/Trojan.Spy.730 | 1.0.0.1015 |
| Trend Micro House Call | TROJ_GEN.R002C0EAB15 | 7.2.14 |
| Trend Micro | TROJ_GEN.R002C0EAB15 | 10.465.14 |
| VIPRE Antivirus | Trojan.Win32.Generic | 38010 |
| ViRobot | Trojan.Win32.S.Agent.454634[h] | 2014.3.20.0 |

File size:
444 KB (454,634 bytes)

Product version:
6.5

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\camfrog 6.5 pro.exe

File PE Metadata
Compilation timestamp:
6/20/1992 5:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:5naHxKC6vyGV3EmK+SH53uGFwL2aT9C/iF9JQm:5naRK5BK9H53uWaTDam

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD...
 
Entropy:
7.9300

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file camfrog 6.5 pro.exe has been seen being distributed by the following URL.
