» cxaudmsg64.exe
Overview
Analysis
File Details
Behaviors (1)

cxaudmsg64.exe

Conexant Audio Message Service

Conexant Systems Inc.

The executable cxaudmsg64.exe has been detected as malware by 20 anti-virus scanners. It runs as a separate (within the context of its own process) windows Service named “Conexant Audio Message Service”.

File name:

cxaudmsg64.exe

Publisher:

Conexant Systems Inc.

Product:

Conexant Audio Message Service

Version:

1.6.0.0

MD5:

b46a44d725f0cd0eccbd5489ccc8eb8f

SHA-1:

bd20d52bd14f72e25fd5e619967b8288951553ea

SHA-256:

dc60f6258bc36985b9e6d70efb8de8720ff2798e55c026fe7443ba0ba984ab7a

Scanner detections:

20 / 68

Status:

File is infected by a Virus

Explanation:

The file is infected by a polymorphic file infector virus.

Analysis date:

4/26/2024 3:58:20 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Win32.SlugIn.A.Dam

5704860

Agnitum Outpost

Win32.Slugin.A

7.1.1

Arcabit

Win32.SlugIn.A.Dam

1.0.0.629

avast!

Patched-HO [Trj]

151205-4

AVG

Win32/Slugin.A

2015.0.4483

Bitdefender

Win32.SlugIn.A.Dam

1.0.20.1725

Clam AntiVirus

Trojan.Spy-59563

0.98/21152

Dr.Web

Trojan.MulDrop3.48024

9.0.1.05190

Emsisoft Anti-Malware

Win32.SlugIn.A.Dam

10.0.0.5366

Fortinet FortiGate

W32/Slugin.A

12/11/2015

F-Prot

W32/Slugin.A.gen

4.6.5.141

F-Secure

Win32.SlugIn.A.Dam

11.2015-11-12_6

G Data

Win32.SlugIn.A.Dam

15.12.25

IKARUS anti.virus

Virus.Win32.Slugin

t3scan.1.9.5.0

Microsoft Security Essentials

Threat.Undefined

1.211.2390.0

MicroWorld eScan

Win32.SlugIn.A.Dam

16.0.0.1035

NANO AntiVirus

Trojan.Win32.Slugin.rgpjj

1.0.10.5081

Norman

Win32.SlugIn.A.Dam

10.12.2015 02:43:34

nProtect

Win32.SlugIn.A.Dam

15.12.11.01

VIPRE Antivirus

Threat.4314869

45744

File size:

380.4 KB (389,554 bytes)

Product version:

1.6.0.0

Original file name:

CxAudMsg.exe

File type:

Executable application (Win64 EXE)

Language:

English (United States)

Common path:

C:\Windows\System32\cxaudmsg64.exe

File PE Metadata

Compilation timestamp:

6/8/2012 4:07:13 PM

OS version:

6.1

OS bitness:

Win64

Subsystem:

Windows Console

Linker version:

9.0

CTPH (ssdeep):

6144:+0Znr99c9GmF8ZJHftPa/8RW6QZ4zytbLGZ4zytbL10p:1ZrPBJ/to6e4zkI4zkI

Entry address:

0xDAD8

Entry point:

48, 83, EC, 28, E8, E3, 35, 00, 00, 48, 83, C4, 28, E9, BE, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 3B, 0D, 79, E6, 00, 00, 75, 12, 48, C1, C1, 10, 66, F7, C1, FF, FF, 75, 03, C2, 00, 00, 48, C1, C9, 10, E9, 60, 36, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, 40, 53, 48, 83, EC, 20, 48, 8B, D9, C6, 41, 18, 00, 48, 85, D2, 0F, 85, AA, 00, 00, 00, E8, 7D, 32, 00, 00, 48, 89, 43, 10, 48, 85, C0, 0F, 84, 81, 00, 00, 00, 48, 8B, 88, C0, 00, 00, 00, 48... 
[+]

Entropy:

5.8351

Code size:

105.5 KB (108,032 bytes)

Service

Display name:

Conexant Audio Message Service

Service name:

CxAudMsg

Description:

Monitors audio device events and forward them to subscribing application. If this service is stop. the aduio effects will not function properly.

Type:

Win32OwnProcess

Depends on:

Audiosrv

Remove cxaudmsg64.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.