msz by rezus 3 15 13 0.exe

Microsoft Application Error Reporting

OOO Kul Stil

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The file msz by rezus 3 15 13 0.exe by OOO Kul Stil has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Microsoft Corporation  (signed by OOO Kul Stil)

Product:
Microsoft Application Error Reporting

Version:
12.0.6606.1000

MD5:
744b5ea5f02edef959da54d437341045

SHA-1:
42ec24f3b1e24378fc07ba09c56b4575fc6ad995

SHA-256:
c5e22e8e1d5a32f1b71884d45043fb95987da74b1ec047dfec6e4eee7ecc25c7

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 9:32:48 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.LoadMoney (M)
17.3.3.1

File size:
1018 KB (1,042,416 bytes)

Product version:
12.0.6606.1000

Copyright:
© 2006 Microsoft Corporation. All rights reserved.

Original file name:
DW20.Exe

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\msz by rezus 3 15 13 0.exe.part

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
7/19/2016 2:00:00 AM

Valid to:
7/20/2017 1:59:59 AM

Subject:
CN=OOO Kul Stil, O=OOO Kul Stil, STREET="p-t Makeeva, 42, 129", L=Miass, S=Chelabinskaya, PostalCode=456320, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0096A297EB9ACB5447A1780AED36B84995

File PE Metadata
Compilation timestamp:
8/12/2016 5:20:30 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x1020

Entry point:
55, 8B, EC, 81, EC, D0, 03, 00, 00, 68, 4C, E0, 45, 00, 8B, 45, E8, 50, FF, 15, 78, 21, 40, 00, 8B, 4D, F4, 51, 8B, 55, EC, 52, FF, 15, 2C, 20, 40, 00, 8B, 45, EC, C1, E0, E6, 89, 45, F4, 8B, 4D, F8, 0F, AF, 4D, F4, 89, 4D, F4, 8B, 55, F8, 52, FF, 15, 84, 21, 40, 00, 8B, 45, E8, 50, FF, 15, 30, 20, 40, 00, 8B, 4D, F0, C1, E1, 04, 89, 4D, E8, 8B, 55, EC, 03, 55, E8, 89, 55, F0, 8B, 45, F4, 50, FF, 15, 84, 21, 40, 00, 8B, 55, F4, 8B, 4D, EC, D3, EA, 89, 55, F4, 8B, 45, EC, 8B, 4D, E8, D3, E0, 89, 45, F8, 68...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
3.5 KB (3,584 bytes)

Remove msz by rezus 3 15 13 0.exe - Powered by Reason Core Security