zmc_demux_mp2.exe

Finanzgerichte

WinZip Computing, S.L.

The executable zmc_demux_mp2.exe has been detected as malware by 29 anti-virus scanners. According to AVG, this software downloads additional adware offers during setup.
Publisher:
WinZip Computing, S.L.

Product:
Finanzgerichte

Version:
1.01.0008

MD5:
860c354b726df41b31ae672aeb5dee28

SHA-1:
666829f57befec23bd5586abbc740c73cd16c9c3

SHA-256:
86d7e8b3b64835f597b29cb322fa8936a0a90a8dbf690412dbad68fbd5368b03

Scanner detections:
29 / 68

Status:
Malware

Analysis date:
4/26/2024 7:05:49 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Generic.11187437 | 1017 |
| Agnitum Outpost | Trojan.Boaxxe | 7.1.1 |
| Avira AntiVirus | TR/VB.Downloader.1147 | 7.11.145.12 |
| avast! | Win32:VBInject-T [Trj] | 2014.9-140424 |
| AVG | Downloader.VB | 2015.0.3495 |
| Baidu Antivirus | Trojan.Win32.Boaxxe | 4.0.3.14424 |
| Bitdefender | Trojan.Generic.11187437 | 1.0.20.570 |
| Bkav FE | W32.AllningtC.Trojan | 1.3.0.4959 |
| Dr.Web | Trojan.Boaxxe.2 | 9.0.1.0114 |
| Emsisoft Anti-Malware | Trojan.Generic.11187437 | 8.14.04.24.05 |
| ESET NOD32 | Win32/Boaxxe.BL | 8.9714 |
| Fortinet FortiGate | W32/INJECT.YHI!tr | 4/24/2014 |
| F-Secure | Trojan.Generic.11187437 | 11.2014-24-04_5 |
| G Data | Trojan.Generic.11187437 | 14.4.24 |
| IKARUS anti.virus | Trojan.Win32.Miuref | t3scan.1.6.1.0 |
| K7 AntiVirus | Trojan | 13.176.11861 |
| Malwarebytes | Trojan.Dorkbot.ED | v2014.04.24.05 |
| McAfee | RDN/Generic.dx!d2o | 5600.7151 |
| Microsoft Security Essentials | Trojan:Win32/Miuref.D | 1.10502 |
| MicroWorld eScan | Trojan.Generic.11187437 | 15.0.0.342 |
| Norman | Suspicious_Gen4.GDFUP | 11.20140424 |
| nProtect | Trojan.Generic.11187437 | 14.04.23.01 |
| Panda Antivirus | Generic Malware | 14.04.24.05 |
| Qihoo 360 Security | Win32/Trojan.BO.241 | 1.0.0.1015 |
| Quick Heal | Trojan.Miuref.r3 | 4.14.12.00 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_INJECT.YHI | 7.2.114 |
| Trend Micro | TROJ_INJECT.YHI | 10.465.24 |
| VIPRE Antivirus | Trojan.Win32.Generic | 28554 |

File size:
53.9 KB (55,229 bytes)

Product version:
1.01.0008

Original file name:
Rechnerfamilien Frauenkampfsports.exe

File type:
Executable application (Win32 EXE)

Language:
Taiwanese

Common path:
C:\users\{user}\appdata\local\temp\zmc_demux_mp2.exe

File PE Metadata
Compilation timestamp:
4/5/2014 9:56:02 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:yMjH9z+nN6YS8vepvkVxCfWzPTH8ksh15tE+oa5mJigviPVYrsSZhHfQsM8dvEC:yuzg+xfSHlLq

Entry address:
0x1128

Entry point:
68, 40, 12, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, D1, 65, B9, 14, D0, 47, E3, 41, 8A, 07, E4, 1A, 56, 3C, 46, 68, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, C8, 84, 3B, 02, 62, 65, 69, 67, 65, 74, 72, 65, 74, 65, 6E, 65, 6E, 00, 3C, 02, 00, 00, 00, 00, 07, 00, 00, 00, E0, 1E, 40, 00, 07, 00, 00, 00, 94, 1E, 40, 00, 07, 00, 00, 00, 48, 1E, 40, 00, 07, 00, 00, 00, 00, 1E, 40, 00, 06, 00, 00, 00, 60, 1D, 40, 00, 50, 00, 00, 00, 13, 3C, 8A, D7...

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
40 KB (40,960 bytes)
