MezaaTray.exe

Mezaa

This is part of the Sendori web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The application MezaaTray.exe, “Mezaa Notification Icon” by Mezaa has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Mezaa  (signed and verified)

Product:
Mezaa

Description:
Mezaa Notification Icon

Version:
3.0.2

MD5:
bd39f8e3fb83b321a83a36d832ad8c18

SHA-1:
87a5d571c68642660a930fbb3f921921623700b5

SHA-256:
c1b804f55f8e7840d9130844dee588dbdbe0a3d37d382e30bcaac1d629713227

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/24/2024 2:24:44 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Sendori (M)
16.7.15.11

File size:
170.7 KB (174,824 bytes)

Product version:
3.0.2

Copyright:
© Dynamic Network Services, Inc.

Trademarks:
Dyn (sm)

Original file name:
MezaaTray.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\mezaa\mezaatray.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
6/25/2014 5:30:00 AM

Valid to:
6/25/2017 5:29:59 AM

Subject:
CN=Mezaa, O=Mezaa, L=San Leandro, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5882CB787D2A279BB379C1F4594407F9

File PE Metadata
Compilation timestamp:
10/7/2014 4:22:18 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:6xPYHRoP4UjLRTcDU1t/lHa1XKDskK5wdkb77C2Nvvk3:NKBRR8xKS+dyHC2Nvvk3

Entry address:
0x410E

Entry point:
E8, 2E, 23, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, 10, 1A, 41, 00, FF, 15, 1C, C1, 40, 00, 85, C0, 75, 18, 56, E8, CA, 03, 00, 00, 8B, F0, FF, 15, CC, C0, 40, 00, 50, E8, 7A, 03, 00, 00, 59, 89, 06, 5E, 5D, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 69, 33, C0, 8A, 44, 24, 08, 84, C0, 75, 16, 81, FA, 80, 00, 00, 00, 72, 0E, 83, 3D, 58, 31, 41, 00, 00, 74, 05, E9, 50, 23, 00, 00, 57, 8B...
 
[+]

Entropy:
3.5251

Code size:
44 KB (45,056 bytes)

Remove MezaaTray.exe - Powered by Reason Core Security