home

mt4setup.exe

Setup

MetaQuotes Software Corp.

This is a self-extracting archive and installer. This is the uninstaller utility registered in the Windows Control Panel for the program MetaTrader FLOAT by MetaQuotes Software Corp.. The file has been seen being downloaded from www.xtb.com and multiple other hosts.
Publisher:
MetaQuotes Software Corp.  (signed and verified)

Product:
Setup

Version:
5.0.0.933

MD5:
40133cd3a55109a6f3f76d1364df8bec

SHA-1:
d37736e2c1f4da5f1e1adcd954e8aae43e9b4f4a

SHA-256:
fdc31a5bc6da2482d495d2b95d18f144bff06084e5e828dbd2f948a2ff5752f5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/29/2024 5:07:50 AM UTC  (today)

File size:
611.4 KB (626,048 bytes)

Product version:
5.0.0.933

Copyright:
© 2001-2014, MetaQuotes Software Corp.

Trademarks:
MetaTrader

Original file name:
Setup

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\mt4setup.exe

Digital Signature
Signed by:
MetaQuotes Software Corp.

Authority:
COMODO CA Limited

Valid from:
1/22/2014 7:00:00 PM

Valid to:
1/22/2017 6:59:59 PM

Subject:
CN=MetaQuotes Software Corp., O=MetaQuotes Software Corp., STREET=28 Parliament street, L=Nassau, S=none, PostalCode=none, C=BS

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
6324EFF48E7850635D538AAFF2D614C4

File PE Metadata
Compilation timestamp:
4/28/2014 4:38:19 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:JlJpyoFydCXO3fEL4PhnX8bwCtko7Iv/50/SseNUWPRWC8GeZHS:2yAlPEL4pX+B7g5wSjNUWPp8GedS

Entry address:
0x126A20

Entry point:
60, BE, 00, 10, 4F, 00, 8D, BE, 00, 00, F1, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...
 
[+]

Entropy:
7.6147

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
216 KB (221,184 bytes)

Program Uninstaller
Program name:
MetaTrader FLOAT

Display publisher:
MetaQuotes Software Corp.

Display version:
4.00

Uninstall string:
C:\Program Files (x86)\MetaTrader FLOAT\uninstall.exe


The file mt4setup.exe has been seen being distributed by the following 6 URLs.

https://www.xtb.com/de/.../mt4setup.exe

https://www.xtb.com/en/.../mt4setup.exe

https://xas.scdn5.secure.raxcdn.com/bundles/front/.../mt4setup.exe

https://www.xtb.com/hu/.../mt4setup.exe

https://xtbcdn.com/a/bundles/front/.../mt4setup.exe

http://xtb.co.uk/.../mt4setup.exe

Scan mt4setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.