dp+tools+setup.exe

DPDEV

The executable dp+tools+setup.exe ("DP TOOLS 1.00 Installation") has been detected as malware by 6 anti-virus scanners. It is a self-extracting archive and installer; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from qc2.androidfilehost.com and multiple other hosts.
Publisher:
DPDEV

Description:
DP TOOLS 1.00 Installation

Version:
1.00

MD5:
9b63fc8814d7c43330e3462f3a21e8f9

SHA-1:
4d393ad1fee5676eda9f16cd7fd8a964cd14076d

SHA-256:
3df0510b17d8b78c6027f39bad9a0c739869f17a114442efd2017c7fafe2d647

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
1/13/2025 3:44:44 PM UTC

Scan engine              Detection                     Engine version
Dr.Web                   Trojan.DownLoader12.33560     9.0.1.0111
Fortinet FortiGate       Riskware/Sim                  4/21/2015
McAfee                   Artemis!9B63FC8814D7          5600.6788
Norman                   Bicololo.PW                   11.20150421
Qihoo 360 Security       HEUR/QVM05.1.Malware.Gen      1.0.0.1015
Trend Micro House Call   Suspicious_GEN.F47V0417       7.2.111

File size:
5.1 MB (5,301,007 bytes)

Copyright:
DPDEV

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:pAI+PBogt04g1TjlnhHJY+KI6cfjb396o+QvG6TnaPHfFIrWsHH9IegjU:itJogt04gN5hpQID/9Ij6uPHOrLWjU

Entry address:
0x25468

Entry point:
55, 8B, EC, 83, C4, F0, B8, 88, 53, 42, 00, E8, 24, F2, FD, FF, B8, C8, 54, 42, 00, E8, 2A, 1C, FE, FF, 8B, 15, 40, 88, 42, 00, 89, 02, 8B, 15, 40, 88, 42, 00, 8B, 12, A1, 48, 88, 42, 00, E8, E4, D3, FF, FF, 8B, 15, 40, 88, 42, 00, 8B, 12, A1, DC, 87, 42, 00, E8, 7A, 64, FF, FF, A1, 40, 88, 42, 00, E8, AC, 4E, FE, FF, E8, DF, E0, FD, FF, 00, 00, 00, FF, FF, FF, FF, 01, 00, 00, 00, 2A, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy:
7.9921

Developed / compiled with:
Microsoft Visual C++

Code size:
145.5 KB (148,992 bytes)

The file dp+tools+setup.exe has been seen being distributed by the following 14 URLs.

