» mt4setup.exe
Overview
Analysis
File Details
Programs (1)
Downloads (3)

mt4setup.exe

Setup

MetaQuotes Software Corp.

This is a setup and installation application. This is installed with MetaTrader 4. The file has been seen being downloaded from www.google.com and multiple other hosts.

File name:

mt4setup.exe

Publisher:

MetaQuotes Software Corp. (signed and verified)

Product:

Setup

Version:

5.0.0.1277

MD5:

e59ac018811410a94ca69cd6caeb45f1

SHA-1:

c4858a47486875b9ad87044e1be583f7fdc5c328

SHA-256:

a8d257e2f2e2a076cb11c96e8c4d09a4bf71c70a5e6b90b250efe1111bdfc179

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

1/2/2025 7:30:45 PM UTC (today)

File size:

583.1 KB (597,064 bytes)

Product version:

5.0.0.1277

Trademarks:

MetaTrader

Original file name:

Setup

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\mt4setup.exe

Digital Signature

Signed by:

MetaQuotes Software Corp.

Authority:

COMODO CA Limited

Valid from:

1/20/2016 3:00:00 AM

Valid to:

1/23/2017 2:59:59 AM

Subject:

CN=MetaQuotes Software Corp., O=MetaQuotes Software Corp., STREET=28 Parliament street, L=Nassau, S=-, PostalCode=--, C=BS

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

7DE9798EC91AB947541B1FB544DCDE28

File PE Metadata

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

14.0

CTPH (ssdeep):

12288:izoLiJSGpBi+Ho8w58C7CD5zlO8TIkFEEOn7ZSDIwRswrZJ:1ezfFH/z555Eu9RsEZJ

Entry address:

0x1ACF70

Entry point:

60, BE, 00, 50, 56, 00, 8D, BE, 00, C0, E9, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B... 
[+]

Entropy:

7.5837

Packer / compiler:

UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:

292 KB (299,008 bytes)

The file mt4setup.exe has been discovered within the following program.

MetaTrader 4 by MetaQuotes Software Corp.

Publisher's description - “MetaTrader 4 is the cutting-edge online trading platform designed to provide brokerage services to customers in Forex, CFD and Futures markets. This is what you need to establish your own brokerage services business and serve traders in the financial markets.”

www.metaquotes.net/en/metatrader4

7% remove it

The file mt4setup.exe has been seen being distributed by the following 3 URLs.

https://www.google.com/url?hl=en&q=https://download.mql5.com/cdn/web/metaquotes.software.corp/.../mt4setup.exe

https://xtbcdn.com/a/bundles/front/.../mt4setup.exe

https://download.mql5.com/cdn/web/metaquotes.software.corp/.../mt4setup.exe

Scan mt4setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.