home

mwLogger.exe

MirageWorks2

MirageWorks Inc.

It runs as a separate (within the context of its own process) windows Service named “MirageWorks2 mwLogger Service”.
Publisher:
MirageWorks  (signed by MirageWorks Inc.)

Product:
MirageWorks2

Description:
MirageWorks2 mwLogger

Version:
2, 1, 0, 35398

MD5:
7d90f816763cc32ceeab6002fa687df6

SHA-1:
d59a526c4fcd5dad4e5d7e043df63b1ffdaacdfa

SHA-256:
c9bc90a4ea54232b69b6604b919d0f8e376189f58011913ceaa20641d600546d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 6:26:49 AM UTC  (today)

File size:
72.6 KB (74,376 bytes)

Product version:
2, 1, 0, 35398

Copyright:
Copyright (c) 2011-2012 MirageWorks, All rights reserved.

Original file name:
mwLogger.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\mirageworks2\mwlogger.exe

Digital Signature
Signed by:
MirageWorks Inc.

Authority:
Thawte, Inc.

Valid from:
11/2/2011 9:00:00 AM

Valid to:
11/2/2012 8:59:59 AM

Subject:
CN=MirageWorks Inc., OU=marketing, O=MirageWorks Inc., L=Mapo-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
01FFC3CE1D7C18F4FD6646EB3CF125D7

File PE Metadata
Compilation timestamp:
8/28/2012 9:26:04 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:MVfJqmkAbUZYOsHEeAQW53Oh77/RJSVLOMNRSMv:+ySDhJJSVLOMNMK

Entry address:
0x8245

Entry point:
E8, 89, 04, 00, 00, E9, 6B, FD, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 98, 08, 41, 00, 89, 0D, 94, 08, 41, 00, 89, 15, 90, 08, 41, 00, 89, 1D, 8C, 08, 41, 00, 89, 35, 88, 08, 41, 00, 89, 3D, 84, 08, 41, 00, 66, 8C, 15, B0, 08, 41, 00, 66, 8C, 0D, A4, 08, 41, 00, 66, 8C, 1D, 80, 08, 41, 00, 66, 8C, 05, 7C, 08, 41, 00, 66, 8C, 25, 78, 08, 41, 00, 66, 8C, 2D, 74, 08, 41, 00, 9C, 8F, 05, A8, 08, 41, 00, 8B, 45, 00, A3, 9C, 08, 41, 00, 8B, 45, 04, A3, A0, 08, 41, 00, 8D, 45, 08, A3, AC, 08, 41...
 
[+]

Entropy:
6.3209

Code size:
35 KB (35,840 bytes)

Service
Display name:
MirageWorks2 mwLogger Service

Service name:
mwLogger

Type:
Win32OwnProcess


Scan mwLogger.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.