home

mame0164b.exe

7-Zip

Igor Pavlov

The program is a setup application that uses the 7z Setup installer. The file has been seen being downloaded from www.mame.net.
Publisher:
Igor Pavlov

Product:
7-Zip

Description:
7z SFX

Version:
4.32

MD5:
958ab806608f1eb06bf9da93a1a46411

SHA-1:
74b5e736ddc8157f760bf78ca8b99ae3957565d6

SHA-256:
9e6146460cb985ff4777502e0d61a4a8fdb024b49033879365146502b3e3c089

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/16/2024 10:53:42 AM UTC  (today)

File size:
30.9 MB (32,391,756 bytes)

Product version:
4.32

Copyright:
Copyright (c) 1999-2005 Igor Pavlov

Original file name:
7z.sfx.exe

File type:
Executable application (Win32 EXE)

Installer:
7z Setup

Language:
English (United States)

Common path:
C:\users\{user}\downloads\mame0164b.exe

File PE Metadata
Compilation timestamp:
12/9/2005 8:14:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
786432:R8mr67rqXfGJlSRJcFyltaDfrKShQqD0pgPxrX25L:6y64fGscQltaDfrjhxD0pgZ25L

Entry address:
0x29C00

Entry point:
69, D6, DF, FF, 7F, 24, 0B, FA, FE, C5, 0F, BF, F9, 69, D0, FE, 6F, BF, 22, 8D, 2D, 81, F3, 01, 4B, 0F, AF, C9, 8A, CA, FF, C9, 73, 04, 84, C1, 1B, EA, E8, 00, 00, 00, 00, 5B, 85, EF, 69, CA, 81, 05, A9, 3D, 86, D4, 89, FD, 80, F9, E3, 8D, 15, DD, 46, CE, 65, F3, 81, C3, AD, 1B, 00, 00, 88, F8, 86, E0, F3, 81, EB, BF, 07, 00, 00, 80, E9, 63, 2D, 61, B4, B2, 19, 0F, AF, CD, 8B, FA, 48, F6, C2, C5, F6, C4, 7E, 80, FA, 92, 8B, D6, 18, D2, 8A, F0, F3, 76, 08, C7, C2, F5, A6, 0D, FD, 86, F2, 88, E2, 4A, 6A, 00...
 
[+]

Entropy:
8.0000  (probably packed)

Code size:
56 KB (57,344 bytes)

The file mame0164b.exe has been seen being distributed by the following URL.

http://www.mame.net/.../mame0164b.exe

Scan mame0164b.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.