» MalwareBytes.exe
Overview
Analysis
File Details
Downloads (1)

MalwareBytes.exe

CCleaner

The application MalwareBytes.exe has been detected as a potentially unwanted program by 21 anti-malware scanners. The file has been seen being downloaded from onlineinstanthelp.com.

File name:

MalwareBytes.exe

Product:

CCleaner

Description:

MalwareBytes

Version:

1.0.0.0

MD5:

f50026e90bf2a8818befc42a257341ed

SHA-1:

5bfe6dd7f915b2f706d9547c61861424279fb709

SHA-256:

1b8dabf2f2ddf8d1532f4c82ff948e1e3199d404b50c732506f9eccdc7b103bb

Scanner detections:

21 / 68

Status:

Potentially unwanted

Analysis date:

5/7/2024 7:23:00 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Application.Agent.FG

698

Agnitum Outpost

Trojan.Fakealert

7.1.1

avast!

Win32:Malware-gen

2014.9-150308

AVG

Inject2

2016.0.3176

Baidu Antivirus

Trojan.MSIL.BadJoke

4.0.3.1538

Bitdefender

Application.Agent.FG

1.0.20.335

Dr.Web

Trojan.Fakealert.47266

9.0.1.067

ESET NOD32

Win32/Hoax.Support

9.11288

F-Secure

Application.Agent.FG

11.2015-08-03_1

G Data

Application.Agent.FG

15.3.25

Kaspersky

Hoax.MSIL.Support

14.0.0.2375

Malwarebytes

Trojan.FakeMBAM

v2015.03.08.11

McAfee

Artemis!F50026E90BF2

5600.6832

MicroWorld eScan

Application.Agent.FG

16.0.0.201

NANO AntiVirus

Riskware.Win32.Support.detxmt

0.30.0.296

Panda Antivirus

Trj/CI.A

15.03.08.11

Quick Heal

Hoax.MSIL.r3 (Not a Virus)

3.15.14.00

Sophos

Generic PUA FL

4.98

Trend Micro House Call

Suspicious_GEN.F47V0622

7.2.200

Trend Micro

TROJ_GEN.R01TC0ELU14

10.465.08

VIPRE Antivirus

Trojan.Win32.Generic

38250

File size:

338 KB (346,112 bytes)

Product version:

1.0.0.0

Original file name:

MalwareBytes.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\malwarebytes.exe

File PE Metadata

Compilation timestamp:

6/17/2014 11:23:09 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

6144:HeqLbYrLNPBua76u4D9ZYatvlVWU8TRjTbVpHLcRktU:dX8LN5tv47nVWj9R1t

Entry address:

0x4E13E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.4058

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

304.5 KB (311,808 bytes)

The file MalwareBytes.exe has been seen being distributed by the following URL.

http://onlineinstanthelp.com/.../MalwareBytes.exe

Remove MalwareBytes.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.