home

bootmec.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from game.intrstar.net and multiple other hosts.
Description:
WinImage Self Extractor file

Version:
5.00.5001

MD5:
63ecf19b1453d310122cdf7e14a0231f

SHA-1:
3abf1a9a4cd3761e80ac81299bd8913b84de3783

SHA-256:
34f36167a9e5318c031d36e8f5bc019b41b00110b0aebc8b7bbbf0dd5ade1878

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 5:26:09 AM UTC  (today)

File size:
864.1 KB (884,793 bytes)

Product version:
5.00.5001

Copyright:
Copyright © Gilles Vollant 1993-99

Original file name:
WIMA_SFX.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\bootmec.exe

File PE Metadata
Compilation timestamp:
5/8/1999 9:11:31 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:6BOAZ2rGMo97FruBYHhBzJVq/lwhVop1d:UO+aGMa79vHhBzJINmVq1d

Entry address:
0x1115C

Entry point:
64, A1, 00, 00, 00, 00, 55, 8B, EC, 6A, FF, 68, 80, 2C, 41, 00, 68, B0, 12, 41, 00, 50, A1, 08, 5B, 41, 00, 64, 89, 25, 00, 00, 00, 00, 8B, 0D, 70, 20, 41, 00, 83, EC, 6C, 89, 01, 8B, 15, 04, 5B, 41, 00, A1, 6C, 20, 41, 00, 53, 56, 57, 89, 65, E8, 89, 10, E8, 05, 01, 00, 00, 8D, 55, D8, 8D, 45, D4, FF, 35, 00, 5B, 41, 00, 52, 50, 8D, 4D, D0, 51, E8, E8, 00, 00, 00, 83, C4, 10, 68, D4, 22, 41, 00, 68, D0, 22, 41, 00, E8, D0, 00, 00, 00, 83, C4, 08, C7, 45, FC, 00, 00, 00, 00, A1, 60, 20, 41, 00, 8B, 30, 8A...
 
[+]

Developed / compiled with:
Microsoft Visual C, 2.0

Code size:
65 KB (66,560 bytes)

The file bootmec.exe has been discovered within the following program.

WinRescue XP  by Super Win Software, Inc.
Publisher's description - “Four Tools in One: Crash Fixer, RegPack, File Backup, and Troubleshooter. WinRescue protects your computer from crashes. Don't spend hours reinstalling Windows XP, restore in minutes with WinRescue XP. Defrag the Registry with RegPack.”
superwin.com/rescuexp.htm
18% remove it
 
Powered by Should I Remove It?

The file bootmec.exe has been seen being distributed by the following 5 URLs.

http://game.intrstar.net/ftp/.../bootmec.exe

http://www.ffzg.unizg.hr/ad/bootdisk/winme/.../bootmec.exe

http://www.ffzg.hr/ad/bootdisk/winme/.../bootmec.exe

http://radified.com/.../bootmec.exe

http://1gighost.com/ed/.../bootmec.exe

Scan bootmec.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.