google_nexus_4_toolkit_v1.3.0.exe

Google Nexus 4 ToolKit

skipsoft, markskippen@gmail.com

This is a setup program which is used to install the application. The file has been seen being downloaded from ubuntuone.com and multiple other hosts.
Publisher:
skipsoft, markskippen@gmail.com

Product:
Google Nexus 4 ToolKit

Version:
1.0.0.0

MD5:
9329dec02e05e802702771c47eb4fa40

SHA-1:
e4f9b2df7c7fd8045ab0462bcb90996a6f530fbe

SHA-256:
726652022c5760925ec00870c2f93b0de423a31b4fd590d6b54297cf11f63786

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/23/2024 10:29:09 PM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
SUSPICIOUS
2.1.4+

ViRobot
JS.A.Pakes.49951486
2011.4.7.4223

File size:
47.6 MB (49,951,486 bytes)

Product version:
1.0.0.0

Copyright:
Mark Skippen

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\google_nexus_4_toolkit_v1.3.0.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
786432:VPUtAiSOMyp59qWekLEhZfCTAeXK4mfT9cRlUqCmGLeXg+lyE8vyjoHn3BBlYATJ:RUtlSOMm8kLEhZfCfRmfTe2qRAElyxHz

Entry address:
0x3274

Entry point:
55, 8B, EC, 83, C4, F4, B8, 3C, 32, 01, 00, E8, 98, E9, FF, FF, E8, 43, FF, FF, FF, E8, 7E, FF, FF, FF, E8, 15, FE, FF, FF, E8, AC, E4, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
9 KB (9,216 bytes)

The file google_nexus_4_toolkit_v1.3.0.exe has been seen being distributed by the following 6 URLs.

http://108.166.171.34/goodata/c606df68d9464e3a00084c700c3d1113/512566fa/devs/mskip/toolkit/.../Google_Nexus_4_ToolKit_v1.3.0.exe

http://108.166.171.38/goodata/74da0e340fa11c656603301e9ad8221c/5239fa7c/devs/mskip/toolkit/.../Google_Nexus_4_ToolKit_v1.3.0.exe

http://108.166.171.36/goodata/5f48012ba49c71c784011cd6d8f86688/5239d72e/devs/mskip/toolkit/.../Google_Nexus_4_ToolKit_v1.3.0.exe

Scan google_nexus_4_toolkit_v1.3.0.exe - Powered by Reason Core Security