home

mrt.exe

Microsoft Windows Malicious Software Removal Tool

Microsoft Corporation

MRT is an anti-malware utility that checks a PC for infection by specific, prevalent malicious software and helps to remove the infection if it is found. The version of the tool delivered by Microsoft Update and Windows Update runs in the background and then reports if a malware infection is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.
Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft Windows Malicious Software Removal Tool

Version:
4.21.7500.0

MD5:
bf4b063a55537d3510b649939598843a

SHA-1:
d63f513323bebac096d066d2edc58c9965ea38a6

SHA-256:
f8faeda4ff62184f93c89ce6ad9ace1b363cb16f758a5bbba564850f7cc04090

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
4/24/2024 11:25:25 AM UTC  (today)

File size:
70 MB (73,381,792 bytes)

Product version:
4.21.7500.0

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
mrt.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\mrt.exe

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
9/12/2012 1:44:22 PM

Valid to:
6/12/2013 1:44:22 PM

Subject:
CN=Microsoft Windows, OU=AOC, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Windows Verification PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
3300000019CB58D66BE3198DB7000000000019

File PE Metadata
Compilation timestamp:
6/2/2013 8:11:12 PM

OS version:
6.3

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
1572864:7lsn14Gt9O5hcZXKH/a/m/T5xS5xI5xy5xI/2/L5xZ5xO5x15xo+77/ewCeadt9y:8bUw5KH/a/m/T5xS5xI5xy5xI/2/L5xg

Entry address:
0x40790

Entry point:
E8, 13, 0E, 00, 00, E9, BE, FD, FF, FF, CC, CC, CC, CC, CC, CC, FF, 25, 10, 25, 45, 00, CC, CC, CC, CC, CC, CC, FF, 25, 0C, 25, 45, 00, CC, CC, CC, CC, CC, CC, FF, 25, 04, 25, 45, 00, CC, CC, CC, CC, CC, CC, FF, 25, 00, 25, 45, 00, CC, CC, CC, CC, CC, CC, FF, 25, FC, 24, 45, 00, CC, CC, CC, CC, CC, E9, 05, 00, 00, 00, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 81, EC, D0, 02, 00, 00, A1, 00, E0, 44, 00, 33, C5, 89, 45, FC, 89, 85, E0, FD, FF, FF, 89, 8D, DC, FD, FF, FF, 89, 95, D8, FD, FF, FF, 89, 9D, D4, FD...
 
[+]

Entropy:
7.0651

Code size:
303.5 KB (310,784 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.