» mcm2trial.exe
Overview
Analysis
File Details
Downloads (9)

mcm2trial.exe

Microsoft Games

Microsoft Corporation

This is a setup and installation application. The file has been seen being downloaded from stahnu.cz and multiple other hosts.

File name:

mcm2trial.exe

Publisher:

Microsoft Corporation (signed and verified)

Product:

Microsoft Games

Description:

Microsoft Games AutoRun/Setup

Version:

1.2000.04.2507

MD5:

5c0e74fd9604f52d8036626795e4968b

SHA-1:

2ebf580d7ccd05a506629f550bfdf00fc38b6c5d

SHA-256:

06c04652ed5b253a39a3a550690ac75da269e139d88aba738b89159c087656e6

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)
Whitelisted (by digital signature)

Analysis date:

4/25/2024 4:05:56 AM UTC (today)

File size:

40.8 MB (42,817,032 bytes)

Product version:

1.0.0.0

Trademarks:

Original file name:

Setup.Exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\warcraft iii\maps\mcm2trial.exe

Digital Signature

Signed by:

Microsoft Corporation

Authority:

VeriSign, Inc.

Valid from:

4/3/2000 6:00:00 PM

Valid to:

4/17/2001 5:59:59 PM

Subject:

OU=Microsoft Corporation, CN=Microsoft Corporation, L=Redmond, S=Washington, C=US, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU="www.verisign.com/repository/RPA Incorp. by Ref.,LIAB.LTD(c)98", OU=VeriSign Commercial Software Publishers CA, O="VeriSign, Inc.", L=Internet

Issuer:

OU=VeriSign Commercial Software Publishers CA, O="VeriSign, Inc.", L=Internet

Serial number:

75F28EF8A8FBEA6D11529714954B655C

File PE Metadata

Compilation timestamp:

4/25/2000 2:40:12 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

786432:mrCA9udXOdL9p465xJpTJjcG/4GmT7Z4aHSwXJiyspHI89N:FPWL9i6TLr/zmTd9H5Z5y

Entry address:

0x457F5

Entry point:

55, 8B, EC, 6A, FF, 68, 80, 7E, 45, 00, 68, 5C, 9F, 44, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, D8, 61, 45, 00, 33, D2, 8A, D4, 89, 15, 98, A9, 46, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 94, A9, 46, 00, C1, E1, 08, 03, CA, 89, 0D, 90, A9, 46, 00, C1, E8, 10, A3, 8C, A9, 46, 00, 6A, 01, E8, D5, 45, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 55, 44, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75... 
[+]

Entropy:

7.9988

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

340 KB (348,160 bytes)

The file mcm2trial.exe has been seen being distributed by the following 9 URLs.

http://stahnu.cz/download/zavodni-hry/motocross-madness-2/7smjmbdcp9kas369sc6b41gmm3/.../motocross-madness-2_1.0.exe

http://www.gamershell.com/download.html?id=4086&mirror=17&cat=demo&filename=MCM2Trial.exe&ts=1450469163&auth=ssfi5oyg

http://download.microsoft.com/download/motocross2K/Trial/1.0/WIN98/.../MCM2Trial.exe

http://soubory.instaluj.cz/dwl/2f1a57822ea0b1eedac437ff4034c942/hry/sport/.../MCM2Trial.exe

http://ftp-stahuj.centrum.cz/dl/478a2cf17cb9f2f14928648ecc4a774f/56e56145/stahuj/download/software/secured/m/motocross-madness/.../MCM2Trial.exe

http://soubory.instaluj.cz/dwl/097ac9849669f62464a52e56befe8606/hry/sport/.../MCM2Trial.exe

http://www.jonneweb.net/.../dl_start.php?f=63&m=2

http://download.informer.com/.../mcm2trial.exe

http://microsoft-motocross-madness1.software.informer.com/.../

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.