home

mbinst.exe

MBInstall

Rafał Baran

This is a self-extracting archive and installer. The file has been seen being downloaded from g2.proste.pl.
Publisher:
Rafał Baran

Product:
MBInstall

Description:
Instalator dla programu Magiczne Bloczki

Version:
1.1.0.2

MD5:
3cff9c67c2eb77121d65f383a71aaf06

SHA-1:
53637d99dbdc0ad49e9bd48676564e16a38da93d

SHA-256:
4ce5c6f340ef4a019c08696f835aa4a79d8a2fc9e6579b53dda044b158e90459

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/6/2024 2:27:27 AM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V1214
7.2.165

File size:
2.5 MB (2,658,304 bytes)

Product version:
1.0.0.0

Copyright:
Rafał Baran

File type:
Executable application (Win32 EXE)

Language:
Polish (Poland)

Common path:
C:\users\{user}\downloads\mbinst.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:3GltghHwJBCRMF42wSKTV1F1r45WqPQu/oLj2/tJ8d2OA:3Glt4Qum42tc1bU4qgLj21J8d2j

Entry address:
0x8401C

Entry point:
55, 8B, EC, 83, C4, E4, 53, 33, C0, 89, 45, EC, 89, 45, E8, 89, 45, E4, B8, 4C, 3D, 48, 00, E8, 10, 26, F8, FF, 8B, 1D, F0, 6B, 48, 00, 33, C0, 55, 68, E5, 41, 48, 00, 64, FF, 30, 64, 89, 20, 8B, 0B, B2, 01, A1, 9C, E6, 47, 00, E8, F2, 9D, FD, FF, 8B, 15, CC, 69, 48, 00, 89, 02, A1, CC, 69, 48, 00, 8B, 00, E8, 4E, E1, FD, FF, A1, CC, 69, 48, 00, 8B, 00, 8B, 10, FF, 92, 88, 00, 00, 00, 8B, 03, E8, A8, 16, FE, FF, 8B, 0D, 60, 69, 48, 00, 8B, 03, 8B, 15, 10, 34, 48, 00, E8, AD, 16, FE, FF, 8B, 0D, 6C, 6D, 48...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
525 KB (537,600 bytes)

The file mbinst.exe has been seen being distributed by the following URL.

http://g2.proste.pl/moodle/mod/.../view.php?id=779

Scan mbinst.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.