mvsbtsej.exe

Dust Remove

Kaeria Dust Remove

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘MSConfig’.
Publisher:
Kaeria Dust Remove

Product:
Dust Remove

Version:
1.07.0008

MD5:
65f16fc465e52c1c4623dca54f358c86

SHA-1:
ce6b53c47d05fe1b1af00d16e2d14fdf062282d9

SHA-256:
9c5bf64165093f23d519cc7bc712b69d596942093d406476b2548b263d254ef9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/20/2019 1:59:21 PM UTC  (today)

File size:
45.4 MB (47,636,480 bytes)

Product version:
1.07.0008

Original file name:
Dust Remove.exe

File type:
Executable application (Win32 EXE)

Language:
Filipino (Philippines)

Common path:
C:\users\big\mvsbtsej.exe

File PE Metadata
Compilation timestamp:
1/28/2015 3:19:25 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:n661e38Lwn/RdQtaM1+bcqB+xiOHWnK1vj9vC2hQqs3Srrrrrrrrrrrrrrrrrrrn:nlYM8n/RdQQg+bcqq2Ky2ps3

Entry address:
0x118C

Entry point:
68, 90, 56, 41, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, A9, D7, 6D, CE, 2B, B4, 44, 4F, 81, 14, 96, 26, FA, A1, 11, C1, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 68, 62, 86, 03, 4B, 72, 61, 66, 74, 6D, 6F, 6D, 65, 6E, 74, 65, 6E, 00, 41, 00, 00, 00, 00, 00, FF, CC, 31, 00, 12, 91, 8E, 46, 61, D1, 2E, 21, 49, AC, B3, 2A, D9, BD, 86, 8D, 13, 82, A7, B8, 72, 37, 03, F3, 4C, 8F, BE, 48, B3, E6, 4C, 6F, 89, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
2.5532

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
148 KB (151,552 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
MSConfig

Command:
"C:\users\big\mvsbtsej.exe"


Scan mvsbtsej.exe - Powered by Reason Core Security