home

macstartx v.x.exe

MacStartxVX

Product:
MacStartxVX

Version:
1.00

MD5:
c11114d53697f65fc7f8eb3786bfc3be

SHA-1:
64e88334b23eb7ee144e559c5ce49fd92931398c

SHA-256:
5a6c64a761ab74c0f13fba202d275bf7ac1a713104d3000a397750903beea6c7

Scanner detections:
4 / 68

Status:
Clean  (4 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/19/2024 2:08:38 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.Clod1ba.Trojan
1.3.0.4613

K7 AntiVirus
Riskware
13.175.10750

Quick Heal
(Suspicious) - DNAScan
1.14.12.00

Rising Antivirus
PE:Malware.XPACK-HIE/Heur!1.9C48
23.00.65.14113

File size:
504 KB (516,096 bytes)

Product version:
1.00

Original file name:
MacStartxVX.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\macstartx v.x.exe

File PE Metadata
Compilation timestamp:
7/22/2013 1:22:43 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:GaeNYfndsK7Az3rAYaeNYfndsK7s6sKIaeNYfn:jeV3IeSe

Entry address:
0x12C0

Entry point:
68, FC, E1, 42, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, EA, AE, E1, 22, 8E, 91, 01, 4D, A8, 17, E3, A5, 02, 50, 62, 70, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 4D, 61, 63, 53, 74, 61, 72, 74, 78, 56, 58, 00, 00, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 0F, 2D, D6, E7, 5A, 95, CD, A0, 4B, 85, 29, 50, 82, B8, 9D, 89, 67, A9, E4, 8E, CB, 20, 44, 68, 43, 82, D6, C1, 21, 76, 3B, A4, D8, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
6.3534

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
344 KB (352,256 bytes)

The file macstartx v.x.exe has been seen being distributed by the following URL.

http://dc113.gulfup.com/rH0I1.exe

Scan macstartx v.x.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.