» kotiki vper d a tfile me torrent.exe
Overview
Analysis
File Details

kotiki vper d a tfile me torrent.exe

2007 Microsoft Office system

Dragon Service

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The executable kotiki vper d a tfile me torrent.exe, “Microsoft Script Editor” has been detected as malware by 1 anti-virus scanner.

File name:

Publisher:

Microsoft Corporation (signed by Dragon Service)

Product:

2007 Microsoft Office system

Description:

Microsoft Script Editor

Version:

12.0.6606.1000

MD5:

d140c044ced5394c9fbf611a2c48092a

SHA-1:

0a989f22eaa66b71ca74eff3cb70e3369ac09def

SHA-256:

4b7962d101214be2258548170acd6500c4792b0ea262bc4790177f28d293fd8e

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

1/10/2025 3:48:36 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP (M)

17.1.17.4

File size:

590.5 KB (604,696 bytes)

Product version:

12.0.6606.1000

Original file name:

mse.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\kotiki vper d a tfile me torrent.exe

Digital Signature

Signed by:

Dragon Service

Authority:

COMODO CA Limited

Valid from:

7/11/2016 1:00:00 AM

Valid to:

7/12/2017 12:59:59 AM

Subject:

CN=Dragon Service, O=Dragon Service, STREET="street of Zelenograd, 39", L=Moscow, S=Moscow, PostalCode=125475, C=RU

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00A6779A3F190265247A97BACBB2FD05D7

File PE Metadata

Compilation timestamp:

8/2/2016 11:17:07 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

Entry address:

0x1000

Entry point:

55, 8B, EC, 81, EC, BC, 02, 00, 00, 53, 56, 57, C6, 85, 67, FF, FF, FF, 1D, EB, 02, CD, 4F, EB, 02, 87, F7, 68, 23, 10, 40, 00, C3, CD, 83, EB, 01, 55, 8B, C0, 68, 30, 10, 40, 00, C3, 33, DD, 68, 37, 10, 40, 00, C3, 56, EB, 02, 2B, E3, C1, E8, 00, 68, 80, 20, 49, 00, FF, 15, D8, A0, 48, 00, 68, 17, 17, 00, 00, A1, 94, 2E, 49, 00, 50, FF, 15, 44, A5, 48, 00, 85, C0, 74, 05, E8, 9D, FF, FF, FF, 8B, D2, 8B, 55, 08, 8B, D2, 89, 15, 9C, 2E, 49, 00, 89, 2D, 7C, 2E, 49, 00, 68, 61, 1E, 00, 00, 8B, 0D, 94, 2E, 49... 
[+]

Entropy:

6.8258

Developed / compiled with:

Microsoft Visual C++

Code size:

545 KB (558,080 bytes)

Remove kotiki vper d a tfile me torrent.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.