migwiza.exe

It is set to execute automatically when any user logs into Windows (through the local user run registry setting), registered under the name ‘MouseDriver’. The file has been observed being downloaded from d2k54omj9vnmc1.cloudfront.net.
MD5:
2630d4b55f82b81882b481e827090e32

SHA-1:
fb18a993417f4bc2bfe8193874724e77898a5928

SHA-256:
aec22c9123359057543616e00f4e130e9c84c4fa276db554695cac0fbcb6ec64

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 10:12:56 PM UTC

File size:
235.5 KB (241,152 bytes)

File type:
Executable application (Win16 EXE)

Common path:
C:\Program Files\windows xp mode\[deleted]\Windows\System32\dllcache\migwiza.exe

File PE Metadata
OS bitness:
Win16

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
MouseDriver

Command:
tiltwheelmouse.exe


The file migwiza.exe has been seen being distributed by the following URL.
