» mzcpu.exe
Overview
Analysis
File Details
Downloads (11)

mzcpu.exe

Mz CPU Accelerator

Mz Ultimate Tools

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

mzcpu.exe

Publisher:

Mz Ultimate Tools

Product:

Mz CPU Accelerator

Description:

CPU Optimization Utility

Version:

4.1.0

MD5:

a7c98484c8ebac093a24bf0dbc2a55c9

SHA-1:

d292357d407f2fad84409fc69add9cc4e7fb1533

SHA-256:

65b7936082a9f07424da8e84bacb5757f68047ae6f5a44c39885ea720669b570

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

5/8/2024 9:50:27 PM UTC (today)

Scan engine

Detection

Engine version

AegisLab AV Signature

ADWARE-Yontoo.Gen

2.1.4+

File size:

1.3 MB (1,323,350 bytes)

Product version:

4.1.0

Michael Zacharias

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\mzcpu.exe

File PE Metadata

Compilation timestamp:

6/20/1992 8:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:hna0jK7C35NeFn6IJcSkswytUr8t3OSPHArb+KfurKuN1HcR/QYA9mwDfW:haDCp81XJcSkryrt3bPgrb+8urKk18R7

Entry address:

0x9C40

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD... 
[+]

Entropy:

7.9857

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

37 KB (37,888 bytes)

The file mzcpu.exe has been seen being distributed by the following 11 URLs.

http://gsf-cf.softonic.com/d29/235/.../file?SD_used=0&channel=WEB&fdh=no&id_file=65274&instance=softonic_br&type=PROGRAM&Expires=1482298000&Signature=TaQV41l1OqshTJSXkgDLy6dehGsKzHsQm--XeiYLREgYxRUQ841NtXtkihkQ4s0Z-CXfuSUXqqkxlfCiWgabocrSZKuh~zA7LzlKmLFHP~i9glMmOy-5m51M4ufaghXLK2BIIPkydWqLs07KhbAimIffDXYRZVSdJXy8rnAKAIA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=mzcpu.exe

http://gsf-cf.softonic.com/d29/235/.../file?SD_used=0&channel=WEB&fdh=no&id_file=65274&instance=softonic_en&type=PROGRAM&Expires=1468050298&Signature=Zcbhcjj~ctU9FVMilObJZklnzJPSxcC-JcTOJ63r~CFP2EOw-jpqKTFbZSiO785RnnEyK6kjMoEw8JXKD73zsdgJTCaF5O380pYxovlfJVJCFyi0gOq72fbk0bPoV~tIdz23joHQZj0HkLL-KWruniMIyPqXjpQcvMv9GSZEvao_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=mzcpu.exe

http://gsf-cf.softonic.com/d29/235/.../file?SD_used=0&channel=WEB&fdh=no&id_file=65274&instance=softonic_en&type=PROGRAM&Expires=1476242656&Signature=a3czGPNkShaZBOxG~jfAwgc6t0YsBxBe2gRxEEMHh4npqqJGzU-YulDtWWfVXmTUcVMSMA0vv4Zonpj-Z0hHpiBNj8lCFeky3W3ObGg8MUUxMOJJyEo1r6udJvbbZmwwdtToEmYoFw9e2aWad~8zffX7e~3Z3VCA8rBPSu~J1OE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=mzcpu.exe

http://gsf-cf.softonic.com/d29/235/.../file?SD_used=0&channel=WEB&fdh=no&id_file=65274&instance=softonic_en&type=PROGRAM&Expires=1476799647&Signature=X7HPQ6Drdtxm6uz7HDHiVganBZgPsIXR2KVA7iruk5nmz4zTyORIMDEyGZJZzWKRkk-2eaETz8bm~O2pSymUW~aZ6noNJ7TLfoffPWR9LzX-VP7iI-s7UYsgLyL2eDH1imZfFMKOEgr-pOgSHNg22Kp0Pc-1cVl3d302c~W-wrI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=mzcpu.exe

http://ec.ccm2.net/br.ccm.net/download/.../mzcpu_4.1.0.exe

http://gsf-cf.softonic.com/d29/235/.../file?SD_used=0&channel=WEB&fdh=no&id_file=65274&instance=softonic_es&type=PROGRAM&Expires=1466063179&Signature=KYWl-TLjy~JhBVtUbjAoZTZt0uttW2WlsBrZ3LlVhHFaX6zb~RsSj31~OyTpYOa6c1R237zQiRf34xDdEhNdx6SRUIRxobsnNjO5gKsrz0EnNUf5hQb551ZZTBY5YFzY-TyTovKKFaJNiVdDkIaKEmqyA0lbCNOcGMhhPtKhJIs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=mzcpu.exe

http://gsf-cf.softonic.com/d29/235/.../file?SD_used=0&channel=WEB&fdh=no&id_file=65274&instance=softonic_br&type=PROGRAM&Expires=1463616535&Signature=TOGfgo8B5EzSRQFHASVKQ2tMOW40r0F3oHo9AU~90AqUm~k5d4Llre0Cji4~Wef69HMKpKVncbpgLMykXhgSCajMxm7oXXn3d0XXW70yXDCpQKtpulcZ-O-7dS73jTSawGeTHBjZbA0QJM7~yln4NvPUbmDqMYpBb1rO-Nbz~tU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=mzcpu.exe

http://global-shared-files-l3.softonic.com/d29/235/.../file?nvb=20150124185913&nva=20150125070013&token=00c7b472a662c3deeb92c&SD_used=0&channel=WEB&fdh=no&id_file=65274&instance=softonic_en&type=PROGRAM&filename=mzcpu.exe

http://gsf-cf.softonic.com/d29/235/.../file?SD_used=0&channel=WEB&fdh=no&id_file=65274&instance=softonic_en&type=PROGRAM&Expires=1461521274&Signature=KrssaNcEk1mqrn12zeJvu-a-lqL95MzbyeQeYfLmE8jAUSBRoznEFIxVsqxE5AdYd-co26HSrPDtFabHhZ16mz0Mx7mqfJKN2qyRQi-G4OWhtZFyrsjP8LgWXyUq9dElh5WSlOpaQ1jHrMx0x5YwuFnoOKPQaTVmzkZ0eXTyecw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=mzcpu.exe

http://gsf-cf.softonic.com/d29/235/.../file?SD_used=0&channel=WEB&fdh=no&id_file=65274&instance=softonic_en&type=PROGRAM&Expires=1443578326&Signature=DOVwS3aTtgIdxpTW2yAPpe6sKC~WsdIYvjUJ8A0~diXsdqdLaAC65rCF7YsDx~ey2hJ4TLVvbhlbQyjBEswk83mFGOJuM7SbdPdbu46yyNqHB2TAPc-wvQCxfR58GJs6GKVWBQOhyKIrJq29kn9etZtD8MsKn-ysWIn6NkEQHck_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=mzcpu.exe

http://pt.kioskea.net/download/.../download-9928-

Scan mzcpu.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.