home

cat.exe

Geek Squad MRI Toolset

Geek Squad, Inc

Publisher:
Geek Squad  (signed by Geek Squad, Inc)

Product:
Geek Squad MRI Toolset

Description:
MRI Covert Agent Tools

Version:
5.10.1.2274

MD5:
1bef8c679d985115f814cd7c7a3376ca

SHA-1:
c6a30396628c07c0f719629a83d5e8d0f8e0782a

SHA-256:
b1a159e4159fe454b8084eecdde15f242cc6a2bbb8a11be5e9a7387429da562a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/3/2024 7:06:34 PM UTC  (today)

File size:
234.3 KB (239,920 bytes)

Product version:
5.10.1.2274

Copyright:
Confidential Trade Secret of ©2004-2015 Best Buy Enterprise Services, Inc. For internal use only.

Original file name:
CovertAgentTools.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\logmein rescue applet\lmir0001.tmp\toolset\cat.exe

Digital Signature
Signed by:
Geek Squad, Inc

Authority:
Symantec Corporation

Valid from:
10/13/2015 4:00:00 PM

Valid to:
11/12/2018 2:59:59 PM

Subject:
CN="Geek Squad, Inc", O="Geek Squad, Inc", L=Richfield, S=Minnesota, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
3B77D05F156C7C1C3F21AC8913ECD579

File PE Metadata
Compilation timestamp:
11/6/2015 11:56:56 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
3072:htc4Phr/LQgD9NahdYA4w2jzWXBN9HY4MmhQe7QfCfchUX7FSl8cIzDyAAMG:Htr/0g2t4b0mOie7uK7QCcGuB

Entry address:
0x1000

Entry point:
B8, AC, AC, 4A, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, A0, 21, 28, 3F, 15, F2, 5D, 2A, 81, 21, 84, 2C, 51, 0E, 8D, 81, EB, A9, 9F, 12, CB, 18, 80, 83, 27, BC, B4, 4C, D7, 7F, E2, 20, BE, DF, 64, B6, 3F, 11, 4F, 66, C2, 95, BD, A8, E7, C5, 2B, 6C, 16, DC, 2B, 6C, 5F, 06, 38, F9, 90, C0, CF, BE, FB, 3A, 5C, 7B, 69, AA, 26, 05, 0A, E4, 4A, 68, 82, 2E, 68, 18, 78, 7F, D0, BA, D9, D5, 67, 99, B9, F0, 79, E3, 48, 06, 0F, E3, 44...
 
[+]

Entropy:
7.5918

Packer / compiler:
PECompact v2

Code size:
298 KB (305,152 bytes)

Scan cat.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.