» system mechanic activator.exe
Overview
Analysis
File Details
Programs (2)
Downloads (3)

system mechanic activator.exe

The program is a setup application that uses the Self-extracting archive installer. The file has been seen being downloaded from www6.zippyshare.com and multiple other hosts.

File name:

MD5:

4e24c7c697daed18c026308ed7dd3708

SHA-1:

c192bfb4e6381478bb76f369a6e39f422e3b8535

SHA-256:

53b1ae0a9b507056c808cfe18922a7e22636ca667e17c7e34d35b689696e911e

Scanner detections:

5 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/27/2024 12:29:23 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Suspicious

7.1.1

Norman

Suspicious_Gen4.FNGOQ

11.20140110

Quick Heal

(Suspicious) - DNAScan

1.14.12.00

Rising Antivirus

PE:Trojan.VB!1.690D

23.00.65.14108

Trend Micro House Call

TROJ_GEN.F47V1215

7.2.10

File size:

2.8 MB (2,938,205 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Self-extracting archive

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\system mechanic activator.exe

File PE Metadata

Compilation timestamp:

7/26/2013 2:53:37 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

49152:aB0bd6rZBaGhdWHAodNh/8vzrWtQbg5OCWNKS6Z4euL1PG2D5xsjFDJof3a9oQB/:40uf3+Aa8vzYWgpuKLZ4eKJqF1iH7iv1

Entry address:

0x1D338

Entry point:

E8, F0, 57, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, 8D, 45, 08, 50, 8B, F1, E8, 05, FD, FF, FF, C7, 06, F4, 81, 42, 00, 8B, C6, 5E, 5D, C2, 04, 00, C7, 01, F4, 81, 42, 00, E9, BA, FD, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, F1, C7, 06, F4, 81, 42, 00, E8, A7, FD, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, C9, C9, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 56, 57, 8B, 7D, 08, 8B, 47, 04, 85, C0, 74, 47, 8D, 50, 08, 80, 3A, 00, 74, 3F, 8B, 75, 0C, 8B, 4E, 04, 3B, C1, 74, 14, 83, C1, 08... 
[+]

Entropy:

7.9725 (probably packed)

Code size:

148.5 KB (152,064 bytes)

The file system mechanic activator.exe has been discovered within the following programs.

iolo technologies' System Mechanic by iolo technologies, LLC

Publisher's description - “Iolo Technologies System Mechanic The PC Accelerator Wizard will automatically optimize system settings and increase overall performance! The only tool you'll need to keep your PC running fast, smooth, and error-free.”

www.iolo.com/system-mechanic

19% remove it

iolo technologies' System Mechanic Professional by iolo technologies, LLC

22% remove it

The file system mechanic activator.exe has been seen being distributed by the following 3 URLs.

http://www6.zippyshare.com/d/58566025/.../System Mechanic Activator.exe

http://dl.firedrive.com/?key=NzMzNkY2NUQ3Qzk2NDIwNjoxNDEwMTkyNzcxLjM0MDg6ZTQ3OGVkNjQ2Y2M3MjA1NDYxMzIwMjljMTEyNDA1MTY3ODUzOTZmNQ==

Scan system mechanic activator.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.