home

oldmt2.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from go.sparkpostmail2.com and multiple other hosts.
MD5:
9b942cbaa525d98ffaf36e80e31f5df1

SHA-1:
d970086deae6aae9edceb19b05f177f8d1825ce3

SHA-256:
bfd17537cdefa54bff2e8f18127caa57d5ad0e8b03026e6d48672cee6aa52a90

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/21/2024 6:26:21 AM UTC  (today)

File size:
3.3 MB (3,502,592 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\oldmt2\oldmt2.exe

File PE Metadata
Compilation timestamp:
12/13/2012 1:38:58 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:vKdvfoVsjGvgPHl5ezLxK8UfGFuKpu1JSpu1ZL/REYFcQZfLHyy:DsjagPHl56LxK8UssS0L/mQfLH

Entry address:
0x355EDE

Entry point:
FF, 25, EC, 5E, 75, 00, 00, 00, 00, 00, 00, 00, 00, 00, C0, 5E, 35, 00, 00, 00, 00, 00, 00, 00, 00, 00, 62, CC, C9, 50, 00, 00, 00, 00, 02, 00, 00, 00, 42, 00, 00, 00, 10, 5F, 35, 00, 10, 41, 35, 00, 52, 53, 44, 53, 3D, 7E, AE, 81, 38, 47, CF, 4E, A9, 2E, 25, A0, 2E, 35, 54, F1, 01, 00, 00, 00, 43, 3A, 5C, 55, 73, 65, 72, 73, 5C, 46, 65, 72, 6B, 6F, 5C, 44, 65, 73, 6B, 74, 6F, 70, 5C, 69, 6C, 6D, 65, 72, 67, 65, 5C, 4F, 4C, 44, 4D, 54, 32, 2E, 70, 64, 62, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Code size:
3.3 MB (3,489,792 bytes)

The file oldmt2.exe has been seen being distributed by the following 3 URLs.

http://go.sparkpostmail2.com/f/a/ZZfqAOVjq_1xWhq88XJEcA~~/.../RgRZW9JCP0EIASu6pf_pR41XA3NwY1gEAAAAAFkGc2hhcmVkYA01Mi4zOC4xOTEuMjUyQgoABEJNeVfoT0ccUhNQdWN1a2E2QGZyZWVtYWlsLmh1UBlvbGRnYW1lMi1yZWdpc3Rlci1zdWNjZXNzUQQAAAACRCRodHRwOi8vcGF0Y2gub2xkZ2FtZTIubmV0L09sZE1UMi5leGVHAnt9Ew~~

http://patch.oldgame2.net/OldMT2.exe

http://patch.oldmt2.net/OldMT2.exe

Scan oldmt2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.