home

KmzKml.exe

KMZ - KML converter

Mc & RENOX technologies - www.mcrenox.com.ar

This is a setup program which is used to install the application. The file has been seen being downloaded from www.mcrenox.com.ar.
Publisher:
Mc & RENOX technologies - www.mcrenox.com.ar

Product:
KMZ - KML converter

Version:
3.3.0.0

MD5:
54cf370e2c1f1b25ec110b00a40a58f3

SHA-1:
a269d707e0ef2dcd4a1d810a916b1fc35e43c7cd

SHA-256:
f0e66c982db08657ac18e719bbfd8e3a7155f14eacdcbeac27cc0ec27c8728fc

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/24/2024 12:40:10 AM UTC  (today)

Scan engine
Detection
Engine version

F-Prot
W32/Banload.CF.gen
4.6.5.141

Qihoo 360 Security
HEUR/QVM05.1.Malware.Gen
1.0.0.1120

Rising Antivirus
Malware.RDM.39!5.2D
23.00.65.16526

File size:
2.6 MB (2,684,416 bytes)

Product version:
3.3.0.0

Copyright:
Copyright © 2008-2016 by Mc & RENOX

Trademarks:
Mc & RENOX technologies - www.mcrenox.com.ar

Original file name:
KmzKml.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\kmzkml.exe

File PE Metadata
Compilation timestamp:
4/4/2016 4:53:25 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:F9c2+CzzCTJDRS9jPjPr0/1ubXTETtct:Frzz0cPrgub4ct

Entry address:
0x25871C

Entry point:
55, 8B, EC, 83, C4, F0, B8, 1C, FD, 64, 00, E8, B0, 62, DB, FF, A1, 90, 64, 66, 00, 8B, 00, E8, 7C, A4, F8, FF, A1, 90, 64, 66, 00, 8B, 00, B2, 01, E8, B6, C1, F8, FF, A1, 90, 64, 66, 00, 8B, 00, BA, 8C, 87, 65, 00, E8, 8D, 9E, F8, FF, 8B, 0D, 68, 61, 66, 00, A1, 90, 64, 66, 00, 8B, 00, 8B, 15, 78, 77, 64, 00, E8, 5D, A4, F8, FF, A1, 90, 64, 66, 00, 8B, 00, E8, AD, A5, F8, FF, E8, 4C, 0F, DB, FF, B0, 04, 02, 00, FF, FF, FF, FF, 13, 00, 00, 00, 4B, 00, 4D, 00, 5A, 00, 20, 00, 2D, 00, 20, 00, 4B, 00, 4D, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
2.3 MB (2,455,040 bytes)

The file KmzKml.exe has been seen being distributed by the following URL.

http://www.mcrenox.com.ar/.../kmzkml.exe

Scan KmzKml.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.