home

mbrcheck.exe

MD5:
51c23acc9e00c47ecfd1f629fd0d5356

SHA-1:
a65aa1fed7fa21edd57b00791d379ca09024fb4e

SHA-256:
2aaa0d69efcf4139fa075635a4338954e369eace822722d922d7e83e88a43075

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/19/2024 11:39:45 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Detection.Undefined
7.0.302.0

File size:
78.5 KB (80,384 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\mbrcheck.exe

File PE Metadata
Compilation timestamp:
8/1/2010 4:31:47 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

CTPH (ssdeep):
768:2PRR9KduMOetWjxEWd9BIdTbCgxOVKCQihc+VT:WfhpetId9Bob88EhZ

Entry address:
0x10FC6

Entry point:
B8, 10, FF, 42, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 0E, 8A, 64, 29, 31, D5, 6E, C6, 76, 05, 6C, 03, C1, DB, CD, 76, 5A, 3A, BA, 24, 01, EB, A2, 48, 4C, 43, 17, F4, 01, EC, 5F, 02, AD, 84, F8, 1E, A1, 17, E3, 35, 6C, 34, E9, 77, 88, 9E, C0, FF, B4, 9B, A7, BF, 1B, 06, 60, AC, CA, 53, 8C, B2, FF, 3F, 54, 77, 14, F1, 16, B2, 0F, 1A, 41, 00, E5, 90, C6, 9D, 92, 68, 69, 3B, 2E, B5, 0E, 77, C4, B8, 37, 02, E3, 9B, 34, 72, DD...
 
[+]

Entropy:
3.9512

Packer / compiler:
PECompact v2

Code size:
150.5 KB (154,112 bytes)

The file mbrcheck.exe has been seen being distributed by the following URL.

http://www.geekstogo.com/forum/files/go/.../mbrcheck

Scan mbrcheck.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.