mirrinst32.exe

DemoForge Studio

DemoForge LLC

Publisher:
DemoForge, LLC.  (signed by DemoForge LLC)

Product:
DemoForge Studio

Description:
DemoForge Mirror Driver Installer

Version:
2.0 (build 113)

MD5:
c3c396f7386a0547468af89397d47a86

SHA-1:
b35117049f666e85d098a1a60430bb9f67accefa

SHA-256:
c5921ec8255840997b3c59d069c7f5452f95540b4bc5a842c1f1967d5a5ad0a0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/30/2024 7:42:08 PM UTC  (today)

File size:
126.5 KB (129,528 bytes)

Product version:
2.0 (build 113)

Copyright:
© 2002-2008 DemoForge, LLC. All rights reserved.

Original file name:
mirrinst.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\koino\anysupport\host_kr\race\mirrinst32.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
9/12/2007 9:00:00 AM

Valid to:
9/12/2008 8:59:59 AM

Subject:
CN=DemoForge LLC, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=DemoForge LLC, L=Tomsk, S=Tomsk, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1D5D763FC09E8A3D6B06C5D1EB5DF8EC

File PE Metadata
Compilation timestamp:
8/26/2008 8:16:54 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:8lg2IirLo2Zxd+3XagXP7Q1LI080AW0QHnjU:YfLo2n8HaMk1L99vjU

Entry address:
0x8338

Entry point:
E8, E9, 5F, 00, 00, E9, 79, FE, FF, FF, 6A, 0C, 68, 08, CD, 41, 00, E8, 72, 2D, 00, 00, 8B, 75, 08, 85, F6, 74, 75, 83, 3D, 60, 1E, 42, 00, 03, 75, 43, 6A, 04, E8, D3, 61, 00, 00, 59, 83, 65, FC, 00, 56, E8, FB, 61, 00, 00, 59, 89, 45, E4, 85, C0, 74, 09, 56, 50, E8, 1C, 62, 00, 00, 59, 59, C7, 45, FC, FE, FF, FF, FF, E8, 0B, 00, 00, 00, 83, 7D, E4, 00, 75, 37, FF, 75, 08, EB, 0A, 6A, 04, E8, BF, 60, 00, 00, 59, C3, 56, 6A, 00, FF, 35, 44, 07, 42, 00, FF, 15, FC, 60, 41, 00, 85, C0, 75, 16, E8, B6, 01, 00...
 
[+]

Entropy:
6.3338

Code size:
80.5 KB (82,432 bytes)

The file mirrinst32.exe has been discovered within the following programs.

IntelliAdmin Remote Control Server  by IntelliAdmin, LLC
www.intelliadmin.com/RemoteControl4.htm
About 9% of users remove it
Screencaster Plug-in for FF  by Dimdim Inc.
About 5% of users remove it
Screencaster Plug-in for IE  by Dimdim Inc.
About 3% of users remove it
ThinVNC Video Driver  by Cybele Software, Inc.
www.supportsmith.com
About 1% of users remove it
WebMeeting Plug-in  by Dimdim, Inc.
About 7% of users remove it
 
Powered by Should I Remove It?

The file mirrinst32.exe has been seen being distributed by the following 2 URLs.

http://www.seetrol.co.kr/.../MirrInst32.exe

Scan mirrinst32.exe - Powered by Reason Core Security