home

mt.exe

北京乐动卓越科技有限公司

Publisher:
北京乐动卓越科技有限公司  (signed and verified)

MD5:
4c734fcb8f4f3838091f0b78753ebe33

SHA-1:
d6ff8b5e4816e4cf51b4b2d6cd2300fba56f9a4b

SHA-256:
7a13cd22ac88336c180751355a54c302016b3972ecf0699bfbc09b94eec32157

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/6/2024 12:41:31 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Crypt.XPACK.Gen
7.11.119.208

IKARUS anti.virus
Trojan.Win32.Spy
t3scan.2.2.29

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
23.00.65.14120

File size:
3.8 MB (3,986,728 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\?????\mt.exe

Digital Signature
Signed by:
北京乐动卓越科技有限公司

Authority:
VeriSign, Inc.

Valid from:
12/10/2013 8:00:00 AM

Valid to:
12/11/2014 7:59:59 AM

Subject:
CN=北京乐动卓越科技有限公司, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=北京乐动卓越科技有限公司, L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
770AB839876D82785D128C2BED2A8C4C

File PE Metadata
Compilation timestamp:
12/9/2013 5:09:48 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:KDXXVL/h3pjpmQkI8lYWMdXARBRldOkq3:KbX/3pj8KdXUvUk0

Entry address:
0xED988D

Entry point:
FF, 15, 8B, 99, 2D, 01, 70, E2, 71, E0, 42, A9, 05, D0, 70, 29, 27, EE, 87, 7C, 8F, EC, 8D, 64, 24, 3C, E8, B4, D2, C3, FF, 0F, 82, 07, FE, FF, FF, C3, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 56, 6A, 05, 79, 9C, 0F, 88, 47, FE, FF, FF, FF, 15, 87, 99, 2D, 01, C3, C7, 38, 23, FB, 50, B4, B3, 84, 62, C8, 1F, BD, EA, FB, 87, 1E, 49, 66, FF, 74, 24, 17, FF, 74, 24, 10, 8D, 64, 24, 02, 11, C9, E9, D8, FD, FF, FF, 66, 89, 4C, 24, 01, 0F, 89, B2, 00, 00, 00, E9, AD, 00, 00, 00, 65, 96, 8D, 59, F2, 12, 14, BD...
 
[+]

Entropy:
7.8937  (probably packed)

Code size:
1.5 MB (1,582,592 bytes)

Scan mt.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.