dk.exe

DVD Knife

The application dk.exe, “DVD Knife Setup ” has been detected as a potentially unwanted program by 9 anti-malware scanners. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source. Part of RelevantKnowledge, a program typically installed via a software bundle (with the user's knowledge should they read the EULA) and will run in the background collecting and monitoring information about the user's behavior in order to build an extensive profile.
Product:
DVD Knife

Description:
DVD Knife Setup

Version:
4.0

MD5:
eb497cdabb175aeba5a922de795c74ce

SHA-1:
d3c466e722dbc6b1f6c472b54efc0f89a2be5dc3

SHA-256:
4e25a63ea0fbe96e4b73212356580bae633b921d7a1abb660c67cd4b84cd2934

Scanner detections:
9 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 10:15:01 AM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
AdWare.W32.Persi
2.1.4+

Avira AntiVirus
ADSPY/NaviPromo.J
7.11.153.150

avast!
Win32:Relevant-S [PUP]
2014.9-140612

AVG
RelevantKnowledge
2015.0.3446

Fortinet FortiGate
Riskware/RK
6/12/2014

Kaspersky
not-a-virus:WebToolbar.Win32.RK
14.0.0.3724

Qihoo 360 Security
Win32/Virus.WebToolbar.9c5
1.0.0.1015

Sophos
Generic PUA ND
4.98

Trend Micro House Call
TROJ_GEN.R047H07CK14
7.2.163

File size:
2.3 MB (2,375,800 bytes)

Product version:
4.0

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
1/30/2013 10:21:56 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:Cbi3Vv/y3KN2qozxMdvKfUPDkZu5W9j1t/kctMfm9aI:7xy3KwzCyfmj6t7BL

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86...
 
[+]

Entropy:
7.9764

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

The file dk.exe has been seen being distributed by the following URL.

Remove dk.exe - Powered by Reason Core Security