mbox2w.exe

Teggo MoleBox

Teggo Software Ltd.

The executable mbox2w.exe has been detected as malware by 7 anti-virus scanners.
Publisher:
Teggo Software Ltd.  (signed and verified)

Product:
Teggo MoleBox

Description:
Packer MoleBox

Version:
2, 7, 0, 3641

MD5:
e9bc38f78e7b4fbfe4600f45377ca987

SHA-1:
e6f8f0318fd96f999f2d2fab45ea05f5d15ffc49

SHA-256:
ec85efa19fcc0f60ae45ed8a1a768c42c54cf64526f03312e73434c2f5a7fc61

Scanner detections:
7 / 68

Status:
Malware

Analysis date:
4/25/2024 10:14:06 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | TR/Refroso.bwul | 7.11.97.202 |
| Comodo Security | TrojWare.Win32.Vilsel.G | 16805 |
| McAfee | Artemis!E9BC38F78E7B | 5600.7070 |
| Norman | Suspicious_Gen2.VGCZS | 11.20140713 |
| Rising Antivirus | Trojan.Win32.Generic.12A3383A | 23.00.65.14711 |
| Trend Micro House Call | TROJ_GEN.R29H1EN | 7.2.194 |
| Vba32 AntiVirus | Trojan.Refroso | 3.12.22.3 |

File size:
596.4 KB (610,736 bytes)

Product version:
2, 7, 0, 3641

Copyright:
Copyright © 2002-2008

Original file name:
mbox2w.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\moleboxpro\mbox2w.exe

Digital Signature
Authority:
Teggo Software Ltd.

Valid from:
10/21/2008 11:40:27 AM

Valid to:
1/1/2040 3:29:59 AM

Subject:
E=monster@teggo.com, CN=Teggo Software, O=Teggo Software Ltd.

Issuer:
E=monster@teggo.com, CN=Teggo Root CA, O=Teggo Software Ltd.

Serial number:
93BCCEE6724371A24B0B280EE6ABD459

File PE Metadata
Compilation timestamp:
1/16/2009 3:20:35 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:/xKKIsPLPtBZE68w6gv8HUsQlbf8tyNZX4VtPFG8s:/xKeTtzzc7BQRf8oz4VNFG8s

Entry address:
0x22C1

Entry point:
55, 8B, EC, 6A, FF, 68, 00, 00, 00, 00, 68, 00, 00, 00, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 52, E8, 4E, FF, FF, FF, 52, 50, 51, E8, 62, FF, FF, FF, 68, 98, 5B, EB, 6A, 50, 56, 55, E8, 3C, FF, FF, FF, 53, 56, 56, E8, 59, FF, FF, FF, FF, 31, 87, 1C, 24, 81, C4, 04, 00, 00, 00, E8, 9D, FF, FF, FF, 52, 55, E8, 2E, FF, FF, FF, 68, 17, 2A, B9, 62, 68, 8A, 40, DA, 22, 51, E8, 01, FF, FF, FF, 52, 51, E8, 6E, FF, FF, FF, 68, 01, 23, 40, 00, 39, F1, 73, 01, C3, 81, C4, 04, 00, 00, 00, E8, 1F...
 

Entropy:
7.9548

Developed / compiled with:
Microsoft Visual C++

Code size:
196 KB (200,704 bytes)
