dark light client 1 9 16 5.exe

2007 Microsoft Office system

Media Skrins

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The executable dark light client 1 9 16 5.exe, “Microsoft Script Editor” has been detected as malware by 1 anti-virus scanner.
Publisher:
Microsoft Corporation  (signed by Media Skrins)

Product:
2007 Microsoft Office system

Description:
Microsoft Script Editor

Version:
12.0.6606.1000

MD5:
06d8a41e9043c807c1f0d24ec62d6d3d

SHA-1:
6150bec7b86f8e4995ad70927ba023bc4f0ab410

SHA-256:
f013c9ad6fde2caf73ecef7bb0ad70b3ed4975e29915a54b5143b25b5c53429d

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/25/2024 4:09:24 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.3.11.20

File size:
575.5 KB (589,328 bytes)

Product version:
12.0.6606.1000

Copyright:
© 2006 Microsoft Corporation. All rights reserved.

Original file name:
mse.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\dark light client 1 9 16 5.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
7/8/2016 3:00:00 AM

Valid to:
7/9/2017 2:59:59 AM

Subject:
CN=Media Skrins, O=Media Skrins, STREET="Sergeya Radonezhskogo, 1", L=Moscow, S=Moscowskaya, PostalCode=105120, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
4306C63FF43EF33E0058941CF93B71D8

File PE Metadata
Compilation timestamp:
8/1/2016 3:50:13 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x15A0

Entry point:
55, 8B, EC, 81, EC, BC, 02, 00, 00, 53, 56, 57, C6, 85, 67, FF, FF, FF, 1D, EB, 02, CD, 4F, EB, 02, 87, F7, 68, C3, 15, 40, 00, C3, CD, 83, EB, 01, 55, 8B, C0, 68, D0, 15, 40, 00, C3, 33, DD, 68, D7, 15, 40, 00, C3, 56, EB, 02, 2B, E3, C1, E8, 00, 68, 40, E1, 48, 00, FF, 15, 30, 61, 48, 00, 68, 17, 17, 00, 00, A1, 94, ED, 48, 00, 50, FF, 15, 44, 65, 48, 00, 85, C0, 74, 05, E8, 9D, FF, FF, FF, 8B, D2, 8B, 55, 08, 8B, D2, 89, 15, 9C, ED, 48, 00, 89, 2D, 7C, ED, 48, 00, 68, 61, 1E, 00, 00, 8B, 0D, 94, ED, 48...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
530.5 KB (543,232 bytes)

Remove dark light client 1 9 16 5.exe - Powered by Reason Core Security