mrt.exe

Microsoft Windows Malicious Software Removal Tool

Microsoft Corporation

MRT is an anti-malware utility that checks a PC for infection by specific, prevalent malicious software and helps to remove the infection if it is found. The version of the tool delivered by Microsoft Update and Windows Update runs in the background and then reports if a malware infection is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.
Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft Windows Malicious Software Removal Tool

Version:
5.13.10300.0

MD5:
0c3fd9a9742058b019c901773a4debe4

SHA-1:
a7d4b1f0689721ccf76cbb8c2378b1e6e76c2f77

SHA-256:
5cd747599a47e112f75c4f9d5e3a70f5b2695fff6b085ba5b0d3238e82a448b9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
12/5/2016 1:39:45 PM UTC  (today)

File size:
88.4 MB (92,708,840 bytes)

Product version:
5.13.10300.0

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
mrt.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\mrt.exe

Digital Signature
Authority:
Microsoft Corporation

Valid from:
5/16/2013 1:20:13 PM

Valid to:
8/16/2014 1:20:13 PM

Subject:
CN=Microsoft Windows, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Windows Verification PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
3300000020C8E989174AADFCE6000000000020

File PE Metadata
Compilation timestamp:
6/1/2014 7:03:41 PM

OS version:
6.3

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
1572864:JJr4ds9qovjXMHP/b/x/m5xX5xo5xo5xd/e/u5xz5x/5xn5xi5x15x/FUa7/AIBG:JJUQNgP/b/x/m5xX5xo5xo5xd/e/u5xR

Entry address:
0x2FF74

Entry point:
E8, 6A, 0E, 00, 00, E9, ED, FD, FF, FF, 3B, 0D, 00, A0, 43, 00, 75, 03, C2, 00, 00, E9, F8, 00, 00, 00, 6A, 14, 68, E0, 8C, 43, 00, E8, 06, 0F, 00, 00, 83, 65, DC, 00, A1, 48, D3, 43, 00, 89, 45, E4, 83, F8, FF, 75, 0C, FF, 75, 08, FF, 15, 94, E3, 43, 00, 59, EB, 54, 6A, 08, E8, 60, 0F, 00, 00, 59, 83, 65, FC, 00, A1, 48, D3, 43, 00, 89, 45, E4, A1, 44, D3, 43, 00, 89, 45, E0, 8D, 45, E0, 50, 8D, 45, E4, 50, FF, 75, 08, E8, 47, 0F, 00, 00, 83, C4, 0C, 8B, F0, 89, 75, DC, 8B, 4D, E4, 89, 0D, 48, D3, 43, 00...
 
[+]

Entropy:
7.1789

Code size:
224 KB (229,376 bytes)