Conquer.exe

Conquer Online

TQ Digital Entertainment

The executable Conquer.exe has been detected as malware by 14 anti-virus scanners. It is infected by an entry-point-obscuring polymorphic file infector that creates a peer-to-peer botnet and receives URLs of additional files to download.
Publisher:
TQ Digital Entertainment

Product:
Conquer Online

Version:
2012, 215, 0, 1

MD5:
b1f2263b7a738e82a6cdba7ab300270e

SHA-1:
a780646454f586129b496e203dcba854954d38f8

SHA-256:
d1fdf57084f7899d092c251b90a49cb1d71d84411fa4e0ccb52700dc56a582d3

Scanner detections:
14 / 68

Status:
File is infected by a Virus

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
4/26/2024 5:23:05 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Win32.Sality.3 | 5791462 |
| avast! | Win32:Sality | 150828-0 |
| AVG | Win32/Sality | 2015.0.4355 |
| Bkav FE | W32.Sality.PE | 1.3.0.6979 |
| Dr.Web | Win32.Sector.30 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Win32.Sality | 10.0.0.5366 |
| ESET NOD32 | Win32/Sality.NBA virus | 7.0.302.0 |
| F-Prot | W32/Sality.gen2 | 4.6.5.141 |
| F-Secure | Win32.Sality.3 | 5.14.151 |
| Microsoft Security Essentials | Threat.Undefined | 1.205.1047.0 |
| Norman | Win32.Sality.3 | 04.08.2015 10:30:46 |
| Sophos | Virus 'Mal/Sality-D' | 5.17 |
| VIPRE Antivirus | Threat.4758034 | 42326 |
| ViRobot | Win32.Sality.Gen.A[h] | 2014.3.20.0 |

File size:
6.7 MB (7,032,832 bytes)

Product version:
2012, 215, 0, 1

Copyright:
Copyright (C) 2002-2011

Original file name:
Conquer.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

File PE Metadata
Compilation timestamp:
5/19/2015 9:29:50 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:NZ49AzdZV6GKNUVP2QgSBhQG6tnOQyXz5VshlSi4zwCCJQ04jQZkunjPetfCsggV:NVP2HSByLn7yXz5GD/4jK7Hw

Entry address:
0x482FDB

Entry point:
87, C7, 51, 68, 87, 71, A8, 00, 89, D1, 0A, CC, 70, 04, F6, DD, FF, CF, FE, C0, 71, 02, F6, D0, 8D, 37, 0D, 67, 21, 7A, 14, 0D, 66, 05, C3, AD, 56, 81, F0, 13, CE, 15, 12, 59, C6, C4, 84, 8D, 39, C6, C0, A7, F6, D8, 76, 08, 2A, E5, 8D, 35, B6, 2D, 5D, D1, C6, C5, 8A, 8B, F0, BE, BA, EA, 05, 00, 81, F6, A0, E6, 00, 00, 81, EE, 5E, 03, 00, 00, 87, CE, 75, 08, 0F, CE, 81, FE, 5E, E3, 36, C5, 81, E9, A9, 0E, 05, 00, 81, FD, 06, AC, 00, 00, 77, 0C, F7, C3, 9F, 14, 3A, 49, 0F, BF, F6, 8B, F5, 4E, 8D, 01, FF, C6...
 

Entropy:
6.4531

Code size:
5 MB (5,260,800 bytes)
