home

mzreveal.exe

MD5:
d6f01babfdbf68922d7ab19af46d6181

SHA-1:
e7d786429eacab0be097f6596c4f2b765aa99177

SHA-256:
fc102b4b22eddcf7e6d92144f4b94abfeb10c2ca914d432f72725c07c827ed12

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
7/2/2025 6:36:59 AM UTC  (today)

File size:
20.5 KB (20,992 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
11/1/2014 12:37:55 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.50

CTPH (ssdeep):
384:Belkl7UHnfMyvjhLhPdTcgl+fKzz2zqY7ce:mkBUHfMyFLcLfK3je

Entry address:
0x1000

Entry point:
68, 18, 00, 00, 00, 68, 00, 12, 00, 00, 68, 68, 67, 00, 11, E8, AC, 18, 00, 00, 83, C4, 0C, 68, 00, 00, 00, 00, E8, A5, 18, 00, 00, A3, 6C, 67, 00, 11, 68, 00, 00, 00, 00, 68, 00, 10, 00, 00, 68, 00, 00, 00, 00, E8, 92, 18, 00, 00, A3, 68, 67, 00, 11, E8, CC, 33, 00, 00, E8, 67, 26, 00, 00, E8, 3B, 1F, 00, 00, E8, AD, 1D, 00, 00, BA, 10, 61, 00, 11, 8D, 0D, 7C, 67, 00, 11, E8, 55, 18, 00, 00, C7, 05, 70, 67, 00, 11, 00, 00, 00, 00, C7, 05, 78, 67, 00, 11, 00, 00, 00, 00, E8, F3, 0F, 00, 00, 68, 00, 00, 00...
 
[+]

Entropy:
5.6036

Packer / compiler:
PKLITE32, 0x1.1

Code size:
16 KB (16,384 bytes)

The file mzreveal.exe has been seen being distributed by the following URL.

http://trax.x10.mx/mzreveal.exe

Scan mzreveal.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.