Gridinsoft Logo
File Icon

The MCA_Selector_Setup.exe (MCA Selector Setup) File Analysis

Updated 1 month ago
Checked by Malaware Check
MCA_Selector_Setup.exe

Technical Analysis

File Name MCA_Selector_Setup.exe
File Type
PE32 executable (GUI) Intel 80386, for MS Windows
Scanner Version 1.0.215.174
Database Version 2025-04-26 22:00:16 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
37,607,336
File Size (bytes)
2025-04-26
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
02f2b9fd631ab6603a27545341bf667b
SHA1
2aa07a65e5abe59ba35bb52afea4cde7c4351667
SHA256
0eed26de4de8244e37ec72b05bd744c16392eae0691c9e64f06efaf518d9a919
SHA512
03ee6a3f5eff9c9e7c9c92207fe7be428dd332c0f502917d25a6b6397e16039a13c2daa08fbf2aec71a0a93886379b68eee324042ef1e4a155a7ee8728cb1cd5
ImpHash
40ab50289f7ef5fae60801f88d4541fc

PE Analysis

Basic Information

Icon
Hash: fde348c4f0af98f316ada1a6dcac9d7e
Fuzzy: 3d7d9a7344d4997c5b3dd0739fddb38c
dHash: 66660464a6ac20a6
Image Base 0x00400000
Entry Point 0x004a7f98
Compilation Time 2025-01-08 15:36:35
Checksum 0x023dfadd (Actual: 0x023dfadd)
OS Version 6.1
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
Digital Signature Chain verification from CN=Querz (serial:37752340304540674590855564170172845204, sha1:4965da55746eb066e092fc560f6fcf12f724d72d) failed: The X.509 certificate provided is self-signed - "Common Name: Querz"
Imports 5 libraries
kernel32, comctl32, user32, oleaut32, advapi32
Exports 2 functions
Resources 18 Resources
Sections 11 Sections

Version Information

Comments This installation was built with Inno Setup.
CompanyName Querz
FileDescription MCA Selector Setup
FileVersion 2.5.2.0
LegalCopyright © 2018 - 2025 Querz
OriginalFileName
ProductName MCA Selector
ProductVersion 2.5.2
Translation 0x0000 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 677,380 bytes 677,888 bytes 6.38 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ E7297E2838A9A2E0B8D93DD5795F62AD
.itext 0x000a7000 5,952 bytes 6,144 bytes 6.17 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ D7D68E24FD8AA2C38C12FC0BA57EE5FC
.data 0x000a9000 14,392 bytes 14,848 bytes 4.97 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 4DAF07AD25DE9A5FBCE0E8BFA5BEBF31
.bss 0x000ad000 29,304 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.idata 0x000b5000 4,076 bytes 4,096 bytes 5.02 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 627340DFF539EF99048969AA4824FB2D
.didata 0x000b6000 420 bytes 512 bytes 2.73 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE FD11C1109737963CC6CB7258063ABFD6
.edata 0x000b7000 113 bytes 512 bytes 1.31 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 7DE8CA0C7A61668A728FD3A88DC0942D
.tls 0x000b8000 24 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.rdata 0x000b9000 93 bytes 512 bytes 1.39 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ D84006640084DC9F74A07C2FF9C7D656
.reloc 0x000ba000 68,996 bytes 69,120 bytes 6.71 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ D1DABD66B3769955F2E22E556793F48D
.rsrc 0x000cb000 15,104 bytes 15,360 bytes 4.15 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 64F2C876EEB6704D81ABBF3FF3903DB9
Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 18 (14,024 bytes)
Resource Type Count Total Size Percentage
RT_ICON 1 1,384 bytes
9.9%
RT_STRING 11 8,336 bytes
59.4%
RT_RCDATA 3 912 bytes
6.5%
RT_GROUP_ICON 1 20 bytes
0.1%
RT_VERSION 1 1,412 bytes
10.1%
RT_MANIFEST 1 1,960 bytes
14%

Certificate Chain Analysis

Certificate Information
Product MCA Selector
Description MCA Selector Setup
File Version 2.5.2.0
Signing Date 09:32 PM 04/08/2025 (58 days ago)
Verification Status A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Signers Querz
Copyright © 2018 - 2025 Querz
Certificate Chain Summary
Querz #1 Primary
Validity Period: 2025-02-19 18:43:01 → 2125-02-19 18:53:01
Signature Algorithm: sha256RSA
Serial Number: 1C 66 D6 15 8C B4 4F 81 49 C6 1B 74 73 6C 4C 94
DigiCert Trusted Root G4 #2 Chain
Validity Period: 2022-08-01 00:00:00 → 2031-11-09 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 0E 9B 18 8E F9 D0 2D E7 EF DB 50 E2 08 40 18 5A
DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA #3 Chain
Validity Period: 2022-03-23 00:00:00 → 2037-03-22 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 07 36 37 B7 24 54 7C D8 47 AC FD 28 66 2A 5E 5B
DigiCert Timestamp 2024 #4 Chain
Validity Period: 2024-09-26 00:00:00 → 2035-11-25 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 0B AE 66 BC 5A BA 7F 95 87 C6 F9 E9 04 E3 33 04

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

Chain verification from CN=Querz (serial:37752340304540674590855564170172845204, sha1:4965da55746eb066e092fc560f6fcf12f724d72d) failed: The X.509 certificate provided is self-signed - "Common Name: Querz"

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware