» maylz s planetyi buduschego miles from tomorrowland tfile ru torrent.exe
Overview
Analysis
File Details

maylz s planetyi buduschego miles from tomorrowland tfile ru torrent.exe

2007 Microsoft Office system

Dragon Service

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The executable maylz s planetyi buduschego miles from tomorrowland tfile ru torrent.exe, “Microsoft Script Editor” has been detected as malware by 1 anti-virus scanner.

File name:

Publisher:

Microsoft Corporation (signed by Dragon Service)

Product:

2007 Microsoft Office system

Description:

Microsoft Script Editor

Version:

12.0.6606.1000

MD5:

01daee132230bd6f16a5e32e1fa37480

SHA-1:

94395dbe7c11ef9a753bf6074837b94208b34227

SHA-256:

e9ff95846ba79850d19d372d414df0cd2a454d76d7cfaf54d773af8b30da52c3

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

1/10/2025 3:11:12 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP (M)

17.1.17.4

File size:

590.5 KB (604,696 bytes)

Product version:

12.0.6606.1000

Original file name:

mse.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\maylz s planetyi buduschego miles from tomorrowland tfile ru torrent.exe

Digital Signature

Signed by:

Dragon Service

Authority:

COMODO CA Limited

Valid from:

7/11/2016 1:00:00 AM

Valid to:

7/12/2017 12:59:59 AM

Subject:

CN=Dragon Service, O=Dragon Service, STREET="street of Zelenograd, 39", L=Moscow, S=Moscow, PostalCode=125475, C=RU

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00A6779A3F190265247A97BACBB2FD05D7

File PE Metadata

Compilation timestamp:

8/2/2016 11:17:07 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

Entry address:

0x1000

Entry point:

55, 8B, EC, 81, EC, BC, 02, 00, 00, 53, 56, 57, C6, 85, 67, FF, FF, FF, 1D, EB, 02, CD, 4F, EB, 02, 87, F7, 68, 23, 10, 40, 00, C3, CD, 83, EB, 01, 55, 8B, C0, 68, 30, 10, 40, 00, C3, 33, DD, 68, 37, 10, 40, 00, C3, 56, EB, 02, 2B, E3, C1, E8, 00, 68, 80, 20, 49, 00, FF, 15, D8, A0, 48, 00, 68, 17, 17, 00, 00, A1, 94, 2E, 49, 00, 50, FF, 15, 44, A5, 48, 00, 85, C0, 74, 05, E8, 9D, FF, FF, FF, 8B, D2, 8B, 55, 08, 8B, D2, 89, 15, 9C, 2E, 49, 00, 89, 2D, 7C, 2E, 49, 00, 68, 61, 1E, 00, 00, 8B, 0D, 94, 2E, 49... 
[+]

Entropy:

6.8258

Developed / compiled with:

Microsoft Visual C++

Code size:

545 KB (558,080 bytes)

Remove maylz s planetyi buduschego miles from tomorrowland tfile ru torrent.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.