File name:

ex4 to mq4 4.0.509.5 freeware.exe

Full analysis: https://app.any.run/tasks/deb393ec-650f-4bc5-bc7e-9efcec75d1ed
Verdict: No threats detected
Analysis date: November 18, 2019, 03:33:20
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
MIME: application/x-dosexec
File info: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
MD5:

2150174270DC03C749E00F2D2A01A5A2

SHA1:

D7A0140E3BE850E5FD598ABF0BF912AE4E935558

SHA256:

94655B38370CFB4CF794861BEF9A62B8C229D1D8CB0733401ACAD332747B40E0

SSDEEP:

49152:U2jDSuSLuJZDtwWPaQq055MuNckCTxiErXTTtAFNsh:U76wWPNCFi1F

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    No suspicious indicators.

  • INFO

    No info indicators.
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.scr | Windows screen saver (60.5)
.exe | Win32 Executable (generic) (20.8)
.exe | Generic Win/DOS Executable (9.2)
.exe | DOS Executable Generic (9.2)
.vxd | VXD Driver (0.1)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2014:03:11 22:12:55+01:00
PEType: PE32
LinkerVersion: 5
CodeSize: 3215360
InitializedDataSize: 2764800
UninitializedDataSize: -
EntryPoint: 0x62cdeb
OSVersion: 5
ImageVersion: -
SubsystemVersion: 5
Subsystem: Windows GUI
FileVersionNumber: 4.0.509.5
ProductVersionNumber: 4.0.509.5
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: English (U.S.)
CharacterSet: Unicode
CompanyName: MetaQuotes Software Corp
FileDescription: EX4-TO-MQ4 Decompiler Free
FileVersion: 4.0.509.5
LegalCopyright: Copyright (C) 2007-2014 MetaQuotes Software Corp
OriginalFileName: ex4_to_mq4_freeware.exe
ProductName: EX4-TO-MQ4 Decompiler Free
ProductVersion: 4.0.509.5
No data.
screenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
34
Monitored processes
1
Malicious processes
0
Suspicious processes
0

Behavior graph

Click at the process to see the details
start ex4 to mq4 4.0.509.5 freeware.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
2584"C:\Users\admin\AppData\Local\Temp\ex4 to mq4 4.0.509.5 freeware.exe" C:\Users\admin\AppData\Local\Temp\ex4 to mq4 4.0.509.5 freeware.exeexplorer.exe
User:
admin
Company:
MetaQuotes Software Corp
Integrity Level:
MEDIUM
Description:
EX4-TO-MQ4 Decompiler Free
Exit code:
0
Version:
4.0.509.5
Modules
Images
c:\users\admin\appdata\local\temp\ex4 to mq4 4.0.509.5 freeware.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\version.dll
c:\windows\system32\winspool.drv
Total events
418
Read events
403
Write events
15
Delete events
0

Modification events

(PID) Process:(2584) ex4 to mq4 4.0.509.5 freeware.exeKey:HKEY_CLASSES_ROOT\Local Settings\MuiCache\12B\52C64B7E
Operation:writeName:LanguageList
Value:
en-US
(PID) Process:(2584) ex4 to mq4 4.0.509.5 freeware.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedPidlMRULegacy
Operation:writeName:MRUListEx
Value:
FFFFFFFF
(PID) Process:(2584) ex4 to mq4 4.0.509.5 freeware.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU
Operation:writeName:NodeSlots
Value:
020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202
(PID) Process:(2584) ex4 to mq4 4.0.509.5 freeware.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU
Operation:writeName:MRUListEx
Value:
02000000070000000100000009000000080000000000000006000000030000000500000004000000FFFFFFFF
(PID) Process:(2584) ex4 to mq4 4.0.509.5 freeware.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\Bags\50\ComDlgLegacy
Operation:writeName:TV_FolderType
Value:
{FBB3477E-C9E4-4B3B-A2BA-D3F5D3CD46F9}
(PID) Process:(2584) ex4 to mq4 4.0.509.5 freeware.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\Bags\50\ComDlgLegacy
Operation:writeName:TV_TopViewID
Value:
{82BA0782-5B7A-4569-B5D7-EC83085F08CC}
(PID) Process:(2584) ex4 to mq4 4.0.509.5 freeware.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\Bags\50\ComDlgLegacy
Operation:writeName:TV_TopViewVersion
Value:
0
Executable files
0
Suspicious files
0
Text files
0
Unknown types
0

Dropped files

No data
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
0
TCP/UDP connections
0
DNS requests
0
Threats
0

HTTP requests

No HTTP requests
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

No data

DNS requests

No data

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
ex4 to mq4 4.0.509.5 freeware.exe