mntz_installer.exe

The executable mntz_installer.exe has been detected as malware by 13 anti-virus scanners. The file has been seen being downloaded from shooky-26-05-2015.s3-website-us-east-1.amazonaws.com.
MD5: e95173e79baba2c9b442e13ec07ebc93
SHA-1: bf72000a7249f201f44cfcbe2eabd4c09aaa3082
SHA-256: 199ee6979918f4154c5feff3774558f7d381274a091bb84d959023049fa18c40

Scanner detections: 13 / 68
Status: Malware
Analysis date: 12/26/2024 1:16:17 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Trojan.Heur.FU.XMW@ainPRwei | 619
Avira AntiVirus | TR/Spy.Agent.2901504 | 8.3.1.6
avast! | Win32:Malware-gen | 2014.9-150605
AVG | FileCryptor | 2016.0.3097
Bitdefender | Gen:Trojan.Heur.FU.XMW@ainPRwei | 1.0.20.735
Emsisoft Anti-Malware | Gen:Trojan.Heur.FU.XMW@ainPRwei | 8.15.05.27.04
F-Secure | Gen:Trojan.Heur.FU.XMW@ainPRwei | 11.2015-27-05_4
G Data | Gen:Trojan.Heur.FU.XMW@ainPRwei | 15.5.25
MicroWorld eScan | Gen:Trojan.Heur.FU.XMW@ainPRwei | 16.0.0.441
Qihoo 360 Security | HEUR/QVM20.1.Malware.Gen | 1.0.0.1015
Reason Heuristics | Threat.Win.Reputation.IMP | 15.6.5.11
Trend Micro House Call | TROJ_GEN.R0C1H09EQ15 | 7.2.147
VIPRE Antivirus | Trojan.Win32.Generic | 40588

File size: 2.8 MB (2,901,504 bytes)
File type: Executable application (Win32 EXE)
Common path: C:\users\{user}\appdata\local\temp\{random}.tmp\mntz_installer.exe

File PE Metadata

OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 2.24
CTPH (ssdeep): 24576:7gJYmt6OjIvfqV2pwBxY/HiVE4kM8kWfPno3VZv+zN1m7pHpkeCZgKW:ZOsvi2pwBxY/CVE4kM8kbV+1d
Entry address: 0x12C0

Entry point:
83, EC, 1C, C7, 04, 24, 02, 00, 00, 00, FF, 15, 74, 24, 63, 00, E8, AB, FE, FF, FF, 8D, 74, 26, 00, 8D, BC, 27, 00, 00, 00, 00, A1, B0, 24, 63, 00, FF, E0, 89, F6, 8D, BC, 27, 00, 00, 00, 00, A1, A0, 24, 63, 00, FF, E0, 90, 90, 90, 90, 90, 90, 90, 90, 90, 55, 89, E5, 83, EC, 18, C7, 04, 24, 00, 70, 58, 00, E8, BA, 13, 10, 00, BA, B0, EE, 50, 00, 83, EC, 04, 85, C0, 74, 15, C7, 44, 24, 04, 13, 70, 58, 00, 89, 04, 24, E8, A6, 13, 10, 00, 83, EC, 08, 89, C2, 85, D2, 74, 11, C7, 44, 24, 04, 08, 10, 63, 00, C7...
 

Entropy: 6.0615
Code size: 1.5 MB (1,567,232 bytes)

The file mntz_installer.exe has been seen being distributed by the following URL.
