home

msquomzc.exe

Farlane1

MDG Advertising

Publisher:
Ughele  (signed by MDG Advertising)

Product:
Farlane1

Description:
Accra

Version:
1.00

MD5:
d651ca516b3bcf75d131a5ecba515c73

SHA-1:
da0107b69871db8909e1c43ac1068e16cd2b2516

SHA-256:
4b90d01301d16ddb41517531a95e10aa35b350f353630a8a380f3a2f7c5f9858

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
6/17/2024 4:16:23 AM UTC  (today)

Scan engine
Detection
Engine version

Panda Antivirus
Trj/Chgt.O
15.06.10.09

File size:
66.6 KB (68,176 bytes)

Product version:
1.00

Original file name:
Salibabu.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\msquomzc.exe

Digital Signature
Signed by:
MDG Advertising

Authority:
COMODO CA Limited

Valid from:
6/3/2015 1:00:00 AM

Valid to:
6/3/2016 12:59:59 AM

Subject:
CN=MDG Advertising, OU=IT, O=MDG Advertising, STREET=3500 NW BOCA RATON BLVD, L=Boca Raton, S=FL, PostalCode=33431, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00A0084B03DC479722DA675156F0A37B70

File PE Metadata
Compilation timestamp:
6/10/2015 1:15:18 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:XDQ5Thpf/A0vAZSmBiOzPn3RgLlfqsGEGBIwRlJd7zkr+j4XX/fdJvJDz4riY:M5TnfIFBdzJYlfQnzvg+ABJDMriY

Entry address:
0x1274

Entry point:
68, 98, A2, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, C4, 76, 37, 66, 6F, 23, 97, 4A, 8A, 05, EA, D9, 29, 1A, 14, 9F, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, DC, 02, 09, 00, 00, 00, 53, 71, 75, 61, 77, 6C, 61, 6B, 65, 33, 00, 00, F0, 07, 41, 00, 00, 00, 00, 00, FF, CC, 31, 00, 03, 38, 78, A9, 91, F8, 53, 5F, 4A, AC, E5, 70, B0, 29, 2E, 4B, 17, 53, CB, B4, 93, 75, 67, 97, 4E, A5, 77, D4, C7, 10, 56, EE, 31, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
6.3983

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
48 KB (49,152 bytes)

Policies Explorer Run
Name:
494700472


Scan msquomzc.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.