PUP.MeshAgent

By CagedTech in Potentially Unwanted Programs

Table of Contents

Analysis Report

General information

Family Name:	PUP.MeshAgent
Signature status:	Modified signature

Known Samples

MD5: d8bd8ae915c1c5f51ad018935b407938

SHA1: ebe2fb3ef36de189445c926af5de7e53f9879cdb

SHA256: 51E7D382D6BBB9ECE88A0078BFF9A369C802CF09096ED9920C7578149B4A937D

File Size: 3.49 MB, 3489448 bytes

MD5: b558944991c0e9dc03979efdc0f6cd69

SHA1: 9f6e3c34a1120a9f236370bec344f3ccb534ad6c

SHA256: A840A3CDAC38113847036F4AA390344627A085DDDAB6A7099DE5E49DBBBAE342

File Size: 3.66 MB, 3663536 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have exports table
File is 32-bit executable
File is 64-bit executable
File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
File is either console or GUI application
File is Native application (NOT .NET application)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name	Value
File Description	Mesh Agent Service
File Version	0.2.1.3
Internal Name	MeshAgent
Legal Copyright	Apache 2.0 License
Original Filename	MeshAgent.exe
Product Name	Mesh Agent Service
Product Version	0, 0, 0, 0

Block Information

Total Blocks:	9,883
Potentially Malicious Blocks:	2,518
Whitelisted Blocks:	7,365
Unknown Blocks:	0

Visual Map

0 0 0 0 0 x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x 0 0 x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x 0 x x x x x x x x x x x x x x x x x x x 0 x x x x x x 0 x x x 0 x x x x x 0 x x x x x x 0 x x 0 x x x x x 0 0 0 x x x x x x x x x x x x x x 0 x x x x 0 x 0 x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 x 0 x x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 x x x x x x x x x 0 x x x x x x 0 x x x x x 0 x x x 0 x 0 x x x x x x x x x x x x x x x x x x 0 0 x x x x x x x x x 0 x x 0 0 x 0 x x x x 0 x x x x x 0 x 0 x x x x x 1 0 x 1 x x x x x x x x x x x 0 x x 0 x x x x x x x x x x x x x 1 x x 0 x 0 x x x x 0 x x x 0 x x x x x x x x x x x x x x x x x 0 x x x x x 0 0 x 0 x x x x x x x 0 0 x 0 x 0 x 0 x x x x x x x x x 0 x x x 0 0 x x 0 x x 0 0 0 0 0 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x 1 0 x x x x x x 0 x x x x x x 0 x x x 0 0 x x x x x x x x 0 x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x 0 x 0 x 0 x x 0 x x x x 1 x x x x x x x x x x x 0 x 0 x x x 0 x 0 x x x x x 0 x 0 x x x x x x x x x x x x x x x x x 0 x x x x x x x x 0 0 x x x x x x x x x x 0 0 x 0 x x x x x x 0 x x x x x x x x x x 0 x 0 0 x x x x x x x x x 0 0 x x x x x x x x x x 0 x x x x 0 x x 0 x x x x x x x x x x 0 x x 0 x x x x x 0 x x x x x 0 x x 0 x x x x x x x x x x 0 x x x x 0 x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x 0 x x x x x 0 0 x x x x x x x 0 x x x x x x x x x 0 x 0 x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x 0 x x x x x x x x x 0 x x 0 0 x 0 x x x x x x 0 0 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 0 x x x 0 x 0 x x x 0 x 0 0 x x x 0 x x x x x 0 x 0 0 x x x 0 0 x x x x 0 x x x 0 x x x 0 x 0 0 x x x x x 0 0 x x x x x x x x x x x x x x x x x 0 0 x 0 0 0 x x x x 0 x 0 x x x 1 0 x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x 0 x x 0 x x x 0 0 x 0 x 0 x x x 0 x 0 0 x 0 x x x x x x x 0 0 x x x x x x 0 x x x x x x x x 0 0 x x x x 0 0 0 x x x x x x x x x x x x x 0 x x 0 x 1 x 0 x 0 0 x 0 0 x x x x 0 x 0 0 x x x x x x x x x x x 0 x x x x x x x x x x x x x x x 0 0 x x 0 x x x 0 0 x x 0 x x x x 0 0 0 0 x x x x x x x x 0 0 0 0 x 0 x x x x x x 0 x x x x x x x x x x x x x x x x 0 x 0 x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x 0 0 0 x x x x 0 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 0 0 x x x x x x x x x x 0 0 x x x x x x 0 x x x 0 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x 0 x x 0 x x x x x x x x x x x 0 0 0 0 0 x x x x x x x x x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x 0 x 0 x 0 x x x x x x x x x 0 x 1 x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 0 0 0 x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x 0 0 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x 0 x x x x x x x x x x 1 x x x x x 0 0 x 0 x 0 x x x x x x x x x x x 0 x x 0 x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 0 x x 0 x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 0 x x x x x x x x x x x x x x x x x x 0 x x x x 0 x x x x 0 x x x x x x x x x x x x x x x x x x x x x x 0 0 x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x 0 0 x x x x x x x x 0 x x x 0 x 0 x x x x 0 x x x x x x x x x 0 x x x x x x 0 x x x 0 0 x x x x x x x x x x 0 x 0 x

... Data truncated

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

Agent.AVC
MeshAgent.A

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

PUP.MeshAgent

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

Windows PE Version Information

Windows PE Version Information

Block Information

Block Information

Visual Map

Similar Families

Similar Families

Windows API Usage

Windows API Usage

Submit Comment

Related Posts

PUP.MeshAgent.A

Trending

Zareus Ransomware

Backdoor.Win32.Small.vy

Thebestsellsonline.Top

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

How to Fix 'macOS cannot verify that this app is...

Discord Shows Black Screen when Sharing Screen