» cargo.exe
Overview
Analysis
File Details
Behaviors (1)

cargo.exe

Cargo WebClient

The Cargo Team

The application cargo.exe has been detected as a potentially unwanted program by 18 anti-malware scanners. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Cargo’.

File name:

cargo.exe

Publisher:

The Cargo Team

Product:

Cargo WebClient

Version:

1.0.1.1

MD5:

dd61ce798df27dd99a11cb017ee55295

SHA-1:

96a1106e939d8a8376cc2d995a70bbd7880f0ebc

SHA-256:

1df7106dcfd2f3971fc896f83ed3f00f4f9e6c53dc2fa242462bf2cdcd473f8f

Scanner detections:

18 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 5:55:02 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.2575348

354

Agnitum Outpost

PUA.PopDeals

7.1.1

Avira AntiVirus

ADWARE/PopDeals.A.169

8.3.2.2

Arcabit

Trojan.Generic.D274BF4

1.0.0.567

avast!

Win32:Malware-gen

2014.9-160215

Bitdefender

Trojan.GenericKD.2575348

1.0.20.230

Emsisoft Anti-Malware

Trojan.GenericKD.2575348

8.16.02.15.07

F-Secure

Trojan.GenericKD.2575348

11.2016-15-02_2

G Data

Trojan.GenericKD.2575348

16.2.25

Kaspersky

UDS:DangerousObject.Multi.Generic

14.0.0.656

Malwarebytes

PUP.Optional.PopDeals.A

v2016.02.15.07

McAfee

Artemis!DD61CE798DF2

5600.6488

MicroWorld eScan

Trojan.GenericKD.2575348

17.0.0.138

nProtect

Trojan.GenericKD.2575348

15.09.24.01

Qihoo 360 Security

HEUR/QVM03.0.Malware.Gen

1.0.0.1015

Sophos

PopDeals (PUA)

4.98

Trend Micro

TROJ_GEN.R02KC0EH415

10.465.15

VIPRE Antivirus

Trojan.Win32.Generic

44032

File size:

75.5 KB (77,312 bytes)

Product version:

1.0.1.1

Original file name:

cargo2.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\cargo\cargo.exe

File PE Metadata

Compilation timestamp:

6/30/2015 10:34:02 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

1536:TsaaSuzhTzkS8bz/Gw68XyAvb3/Q8JTmbAoi:Ts8euXyCb3/Q8Rmb1i

Entry address:

0x1423E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

73 KB (74,752 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

Cargo

Command:

C:\Program Files\cargo\cargo.exe

Remove cargo.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.