home

mq1.cpl

The file mq1.cpl has been detected as malware by 16 anti-virus scanners.
MD5:
4efc65914a8673820a010fa66650d6b3

SHA-1:
6285f39b9d705e0fa70254641d8ba338381b1577

SHA-256:
ef0c30afc5d543da2017cd83ecd7eb84f2768d8eaf00e5d0c361c70729884513

Scanner detections:
16 / 68

Status:
Malware

Analysis date:
4/29/2024 11:22:32 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/ATRAPS.Gen
7.11.50.116

avast!
Win32:Malware-gen
2014.9-170316

AVG
PSW.Banker6
2018.0.2437

Bitdefender
Gen:Variant.Barys.3546
1.0.20.375

Dr.Web
Trojan.PWS.Banker1.6851
9.0.1.075

Emsisoft Anti-Malware
Gen:Variant.Barys.3546
8.17.03.16.12

ESET NOD32
Win32/Spy.Banker.XHH (variant)
11.7706

Fortinet FortiGate
W32/Banker.XHH!tr
3/16/2017

F-Secure
Gen:Variant.Barys.3546
11.2017-16-03_5

G Data
Gen:Variant.Barys.3546
17.3.22

IKARUS anti.virus
Trojan-Banker.Win32.Banbra
t3scan.1.1.122.0

Kaspersky
HEUR:Trojan.Win32.Generic
14.0.0.-1318

MicroWorld eScan
Gen:Variant.Barys.3546
18.0.0.225

Panda Antivirus
Trj/Genetic.gen
17.03.16.12

Sophos
Mal/Bancos-BT
4.83

SUPERAntiSpyware
Trojan.Agent/Gen-Bancos
8532

File size:
1.2 MB (1,223,680 bytes)

Common path:
C:\users\{user}\appdata\roaming\verpetrônio-pc\mq1.cpl

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xA2D9C

Entry point:
55, 8B, EC, 83, C4, C4, B8, FC, 29, 4A, 00, E8, 7C, 31, F6, FF, 33, C0, 55, 68, C8, 2D, 4A, 00, 64, FF, 30, 64, 89, 20, 33, C0, 5A, 59, 59, 64, 89, 10, 68, CF, 2D, 4A, 00, C3, E9, AF, 0A, F6, FF, EB, F8, E8, 3C, 10, F6, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
647.5 KB (663,040 bytes)

Remove mq1.cpl - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.