home

mql.exe

MQL4/MQL5 Compiler

MetaQuotes Software Corp.

This is a setup program which is used to install the application. The file has been seen being downloaded from files.metaquotes.net.
Publisher:
MetaQuotes Software Corp.  (signed and verified)

Product:
MQL4/MQL5 Compiler

Version:
5.0.0.1021

MD5:
f68f3fb4a3668b8f48e95ceefbdd81ae

SHA-1:
973ffa56475084383902cd19687e08e088e4dc21

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 6:31:55 PM UTC  (today)

File size:
1.5 MB (1,598,176 bytes)

Product version:
5.0.0.1021

Copyright:
© 2001-2014, MetaQuotes Software Corp.

Trademarks:
MetaTrader

Original file name:
MQL.dll

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Digital Signature
Signed by:
MetaQuotes Software Corp.

Authority:
COMODO CA Limited

Valid from:
1/23/2014 7:00:00 AM

Valid to:
1/23/2017 6:59:59 AM

Subject:
CN=MetaQuotes Software Corp., O=MetaQuotes Software Corp., STREET=28 Parliament street, L=Nassau, S=none, PostalCode=none, C=BS

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
6324EFF48E7850635D538AAFF2D614C4

File PE Metadata
OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

CTPH (ssdeep):
24576:RzX5VvedqZXlO9Nf0mGbVTDXwwATk+WULlmY6OJKpXhCtjn1g3Cxmtx7rXo:1KoZXU9C/fAFXWU5PJEhCt7+Xt94

Entry address:
0x3AA224

Entry point:
68, A1, 8B, CB, 0C, 68, D9, C7, 97, F0, E9, 0B, 22, 00, 00, 36, 8D, 22, 7A, BA, 7A, 8C, C2, 9F, 86, D8, FD, 53, 80, C0, 8F, DB, 6A, B6, C5, 21, 48, 74, EE, 31, 38, C9, 2C, 4B, C4, 5E, 3F, D9, 1E, DA, 7E, 43, 73, ED, 9A, 6C, 45, 85, 73, 74, 48, AF, 20, B5, BA, EE, 05, 7D, 44, A6, 9B, 09, CE, 22, 59, C1, 68, A8, 1F, 23, E5, 12, 74, 34, 89, E8, F8, D2, CE, A8, 06, AA, 97, B3, 8D, 35, 12, 73, 08, 25, 8B, FD, 6C, 74, 4E, 61, C8, 99, 7B, 98, 2A, E0, 1F, 63, AA, 47, 4F, BA, 7A, 8C, 67, C9, 01, 63, 47, B4, 2C, 13...
 
[+]

Entropy:
7.9920  (probably packed)

Code size:
632 KB (647,168 bytes)

The file mql.exe has been seen being distributed by the following URL.

http://files.metaquotes.net/metaquotes.software.corp/.../mql.exe

Scan mql.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.