» avs4you.all.products.activator.2011.(v1.1)-mpt.exe
Overview
Analysis
File Details
Programs (2)
Downloads (4)

avs4you.all.products.activator.2011.(v1.1)-mpt.exe

Activator

MPT34M

The application avs4you.all.products.activator.2011.(v1.1)-mpt.exe, “cr4cking th3 cod3 4 fun!” has been detected as a potentially unwanted program by 19 anti-malware scanners. This is a setup program which is used to install the application. Additionally, the file is typically installed by a number of programs including AVS Document Converter 2.2.4 by Online Media Technologies Ltd. and AVS4YOU Software Navigator 1.4 by Online Media Technologies Ltd.. The file has been seen being downloaded from download2035.mediafire.com and multiple other hosts.

File name:

Publisher:

MPT34M

Product:

Activator

Description:

cr4cking th3 cod3 4 fun!

Version:

1.0

MD5:

b549b3adf2b4a2093bba346dc1df3e0c

SHA-1:

95c08e6e663ef3161d853f082126bc54566c69ff

SHA-256:

d17f5c940d65cc5db56c7d90fd17f431f5fc1fd698d098efcee302e2a1321d17

Scanner detections:

19 / 68

Status:

Potentially unwanted

Analysis date:

11/27/2024 3:54:15 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Packed/PECompact

7.1.1

Baidu Antivirus

Malware.Win32.Activator

4.0.3.131224

Bkav FE

W32.Clod53b.Trojan

1.3.0.4613

Comodo Security

UnclassifiedMalware

17490

Dr.Web

Tool.Patcher.127

9.0.1.0358

ESET NOD32

Win32/HackTool.Patcher (variant)

7.9190

Fortinet FortiGate

Riskware/Kiser

12/24/2013

IKARUS anti.virus

not-a-virus.Patch.AVS4You

t3scan.2.2.29

K7 AntiVirus

Backdoor

13.174.10609

Malwarebytes

CrackTool.Agent

v2013.12.24.09

McAfee

Artemis!B549B3ADF2B4

5600.7272

NANO AntiVirus

Riskware.Win32.Patcher.bjlvza

0.28.0.57029

Norman

Suspicious_Gen.WV

11.20131224

Rising Antivirus

PE:Trojan.Win32.Generic.12A25756!312629078

23.00.65.131222

Sophos

Generic Patcher

4.96

SUPERAntiSpyware

Trojan.Agent/Gen-Faldesc

10888

Trend Micro House Call

TROJ_SPNR.08K111

7.2.358

Trend Micro

TROJ_SPNR.08K111

10.465.24

VIPRE Antivirus

Trojan.Win32.Generic.pak!cobra

24694

File size:

1.5 MB (1,571,840 bytes)

Product version:

1.0

Original file name:

Activator

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\avs.video.editor.v6.1.2.211.multilingual.mundomanuales.com\avs4you.all.products.activator.2011.(v1.1)-mpt\avs4you.all.products.activator.2011.(v1.1)-mpt.exe

File PE Metadata

Compilation timestamp:

3/12/2011 9:47:00 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

5.12

CTPH (ssdeep):

24576:bIx/YDUTqI1prh9HFHCStdoo1dwGTlxz3aCKVIC2IjAueIHY9b706Ni3sraKg7t8:bIxvdTrbHFBdD1dwGpNqCvCrzHY/g7Fg

Entry address:

0x3D86

Entry point:

B8, 50, 42, 67, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, FB, 08, 27, C5, F5, 80, A2, 66, 09, 5D, 18, 3D, 3A, 99, D7, 99, F5, 7B, 7E, FC, C3, CF, 1E, 5F, FB, C3, CB, 62, 62, 0B, 85, 45, DC, F9, B0, ED, 0C, 27, 45, 1D, 50, 0F, 27, 24, 90, 8F, C1, 11, EF, E2, 19, 50, 55, 3C, 8C, 3B, 38, 0A, 0F, 50, B0, 20, AD, 61, 2E, 4D, 8D, E0, CE, 9E, C0, 0B, 42, FF, 47, 79, 31, F6, DA, AD, C0, 8B, F8, 3B, 77, D0, 78, 63, A5, 3C, 88, E3, 0F... 
[+]

Packer / compiler:

PECompact v2

Code size:

35 KB (35,840 bytes)

The file avs4you.all.products.activator.2011.(v1.1)-mpt.exe has been discovered within the following programs.

AVS Document Converter 2.2.4 by Online Media Technologies Ltd.

Publisher's description - “Convert PDF format to the light-weight DOCX. Convert your files between DOC, PDF, DOCX, RTF, TXT, and HTML. It transfer regular text formats to e-Pub format and create your own e-books easily.”

www.avs4you.com/index.aspx

57% remove it

AVS4YOU Software Navigator 1.4 by Online Media Technologies Ltd.

AVS4YOU Software Navigator is a bundled program with most AVS4YOU products that allows the user to find additional programs created by the manufacturer.

www.avs4you.com

59% remove it

The file avs4you.all.products.activator.2011.(v1.1)-mpt.exe has been seen being distributed by the following 4 URLs.

http://download2035.mediafire.com/i2xiyex02zxg/.../Avs 6.4-Patcher.exe

http://download1488.mediafire.com/weaaqaa49dig/.../AVS4YOU.ALL.PRODUCTS.ACTIVATOR.2011.(V1.1)-MPT.EXE

about:internet

http://download1360.mediafire.com/kuoc0pv7hctg/.../Avs 6.4-Patcher.exe

Remove avs4you.all.products.activator.2011.(v1.1)-mpt.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.