mscinet.exe

MiniMouseMacro

Turnssoft

The executable mscinet.exe has been detected as malware by 16 anti-virus scanners. This trojan will attempt to establish a connection to a remote server through various TCP ports and will use Winlogon to survive reboots.
Publisher:
Turnssoft

Product:
MiniMouseMacro

Description:
Mini Mouse Macro

Version:
1.3.2.1

MD5:
f6016779d34cb9820828cf24bde911b1

SHA-1:
c881c98b69f57541bfa88954cc5432d7067de10d

SHA-256:
55f5fed796f6c2570e52004d91f082e614ba209fd94c165799badc5d2d0ced18

Scanner detections:
16 / 68

Status:
Malware

Analysis date:
4/26/2024 12:57:18 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.1634632 | 1033 |
| Avira AntiVirus | TR/Dropper.A.15051 | 7.11.141.230 |
| Baidu Antivirus | Worm.Win32.Dorkbot | 4.0.3.1448 |
| Bitdefender | Trojan.GenericKD.1634632 | 1.0.20.490 |
| Dr.Web | Trojan.Packed.26370 | 9.0.1.098 |
| Emsisoft Anti-Malware | Trojan.GenericKD.1634632 | 8.14.04.08.10 |
| ESET NOD32 | Win32/Injector.BBJD (variant) | 8.9649 |
| F-Secure | Trojan.GenericKD.1634632 | 11.2014-08-04_3 |
| G Data | Trojan.GenericKD.1634632 | 14.4.24 |
| Kaspersky | Trojan-Proxy.Win32.Lethic | 14.0.0.4048 |
| Malwarebytes | Trojan.Agent.ED | v2014.04.08.10 |
| McAfee | Artemis!F6016779D34C | 5600.7167 |
| Microsoft Security Essentials | | 1.10401 |
| MicroWorld eScan | Trojan.GenericKD.1634632 | 15.0.0.294 |
| nProtect | Trojan.GenericKD.1634632 | 14.04.08.01 |
| Sophos | Mal/Generic-L | 4.98 |

File size:
208 KB (212,992 bytes)

Product version:
1.3.2.1

Copyright:
Copyright © 2013

Original file name:
MiniMouseMacro.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

File PE Metadata
Compilation timestamp:
4/7/2014 5:50:41 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:vbYyAG1tvt7C6mjidjbuaaej8T2sCNH2jxWnDAzzR9E9ZfjA4V2HWD2XoR+au+lP:x1Jq8/jah/xWDAzAdOWpb5lP

Entry address:
0x1578C000

Entry point:
60, E8, 00, 00, 00, 00, 5D, 8B, C5, 81, ED, A8, A6, 02, 20, 2B, 85, 0F, AE, 02, 20, 89, 85, 0B, AE, 02, 20, B0, 00, 86, 85, 40, B0, 02, 20, 3C, 01, 0F, 85, BC, 01, 00, 00, 83, BD, 3B, AF, 02, 20, 00, 74, 33, 83, BD, 3F, AF, 02, 20, 00, 74, 2A, 8B, 85, 0B, AE, 02, 20, 2B, 85, 3B, AF, 02, 20, 8B, 00, 89, 85, 78, AF, 02, 20, 8B, 85, 0B, AE, 02, 20, 2B, 85, 3F, AF, 02, 20, 8B, 00, 89, 85, 7C, AF, 02, 20, EB, 61, 83, BD, 43, AF, 02, 20, 00, 74, 58, 8B, 85, 0B, AE, 02, 20, 2B, 85, 43, AF, 02, 20, FF, 30, 8D, 85...

Entropy:
6.1646

Packer / compiler:
ASPack v1.08.04

Code size:
79 KB (80,896 bytes)
