home

mbam.exe

Malwarebytes Anti-Malware

Entrust.net

Publisher:
Malwarebytes Corporation  (signed by Entrust.net)

Product:
Malwarebytes Anti-Malware

Version:
1.0.0.532

MD5:
a0ffa51c035514bd62cbba2df64aa4e2

SHA-1:
38b1ed9769126ebf1eea283f24d03fb8500d201c

SHA-256:
a9cf8e53d7dd29704eb1cb79be95fbfbbeebbeb70925ca5ed302e7132fafd1ea

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/23/2024 6:44:09 PM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Trojan.FrauDrop!6.17C2
23.00.65.14506

File size:
46.4 MB (48,624,786 bytes)

Product version:
1.0.0.532

Copyright:
© Malwarebytes Corporation. All rights reserved.

Original file name:
mbam.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
Entrust.net

Authority:
Entrust.net

Valid from:
5/25/1999 8:09:40 PM

Valid to:
5/25/2019 8:39:40 PM

Subject:
CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US

Issuer:
CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US

Serial number:
374AD243

File PE Metadata
Compilation timestamp:
5/1/2014 2:56:45 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
393216:DavUVhD4VP9zSdqFS+EmLv3NwtJ8epuEZJxCjr55IGalmuxMRcd9Negi9nwuoxDx:De7VPBxS+EYw8eCUJjeWXxxltWz9mc

Entry address:
0x4067

Entry point:
55, 8B, EC, 83, E4, F8, 81, EC, F4, 08, 00, 00, 53, 56, 57, E8, BA, FB, FF, FF, 8B, 35, 0C, 60, AB, 00, FF, D6, 83, E0, 11, 3D, 11, 01, 00, 00, 0F, 84, AF, 03, 00, 00, FF, D6, 8B, 5C, 24, 18, A3, 0C, 50, 40, 00, E8, 89, FC, FF, FF, 8B, C8, 2B, 0D, 0C, 50, 40, 00, 6A, 03, 33, D2, 8B, C1, 5E, F7, F6, F7, C1, 00, 80, FF, FF, 0F, 85, 24, 02, 00, 00, 33, C0, 33, FF, 89, BC, 24, FC, 08, 00, 00, 66, 89, 84, 24, E8, 04, 00, 00, 89, BC, 24, BC, 04, 00, 00, 66, 89, 84, 24, A8, 00, 00, 00, E8, 45, FC, FF, FF, 8B, C8...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
16 KB (16,384 bytes)

Scan mbam.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.