MN5toMN6.EXE

Application MN5toMN6

The executable MN5toMN6.EXE, “Application MFC MN5toMN6” has been detected as malware by 11 anti-virus scanners. The file has been seen being downloaded from sebastien.guchet.free.fr.
Product:
Application MN5toMN6

Description:
Application MFC MN5toMN6

Version:
1, 0, 0, 1

MD5:
8697f81abce8f9e8028e8f04d6b065af

SHA-1:
a9f7463af7bb079e8a0c6d7d4ea616bb87f6d92e

SHA-256:
7fd43969cd6df31bec884417c76fa2b251474af57ab9edbe34dee378a56ae1f3

Scanner detections:
11 / 68

Status:
Malware

Analysis date:
4/24/2024 2:39:20 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.GenericKD.1205937 | 1133 |
| Bitdefender | Trojan.GenericKD.1205937 | 1.0.20.1205 |
| Bkav FE | W32.Clod4ad.Trojan | 1.3.0.4613 |
| Comodo Security | UnclassifiedMalware | 17510 |
| Emsisoft Anti-Malware | Trojan.GenericKD.1205937 | 8.13.08.29.05 |
| F-Secure | Trojan.GenericKD.1205937 | 11.2013-29-08_5 |
| G Data | Trojan.GenericKD.1205937 | 13.8.22 |
| IKARUS anti.virus | Trojan.SuspectCRC | t3scan.2.2.29 |
| MicroWorld eScan | Trojan.GenericKD.1205937 | 14.0.0.723 |
| Norman | Suspicious_Gen5.AFXCC | 11.20131127 |
| Panda Antivirus | Suspicious file | 13.11.27.02 |

File size:
24 KB (24,576 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2007

Original file name:
MN5toMN6.EXE

File type:
Executable application (Win32 EXE)

Language:
French (France)

Common path:
C:\users\{user}\downloads\mn5tomn6.exe

File PE Metadata
Compilation timestamp:
1/4/2007 2:12:51 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
192:eaglP81+S4KMBe7OtdF3AOVEF2P1oynyln8YhsOut:k+UK+e7IAOV114Jqt

Entry address:
0x1F10

Entry point:
55, 8B, EC, 6A, FF, 68, 58, 34, 40, 00, 68, 96, 20, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, FC, 31, 40, 00, 59, 83, 0D, EC, 41, 40, 00, FF, 83, 0D, F0, 41, 40, 00, FF, FF, 15, F8, 31, 40, 00, 8B, 0D, E0, 41, 40, 00, 89, 08, FF, 15, F4, 31, 40, 00, 8B, 0D, DC, 41, 40, 00, 89, 08, A1, F0, 31, 40, 00, 8B, 00, A3, E8, 41, 40, 00, E8, 16, 01, 00, 00, 39, 1D, 00, 41, 40, 00, 75, 0C, 68, 92, 20, 40, 00, FF, 15, EC, 31...
 

Entropy:
2.8486

Code size:
8 KB (8,192 bytes)

The file MN5toMN6.EXE has been seen being distributed by the following URL.
