mk.exe

Mp3 Knife

The application mk.exe, “Mp3 Knife Setup ” has been detected as a potentially unwanted program by 11 anti-malware scanners. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source. Part of RelevantKnowledge, a program typically installed via a software bundle (with the user's knowledge should they read the EULA) and will run in the background collecting and monitoring information about the user's behavior in order to build an extensive profile.
Product:
Mp3 Knife

Description:
Mp3 Knife Setup

Version:
3.6

MD5:
721bec2ff94f1d8172f70b734bf10722

SHA-1:
ad81c63884f8a7e5d0725fca34d439091017d484

SHA-256:
27ca0ecd7e6173af294cde98dc506e93451f6e309a9ed4a40a041a7c31834f3e

Scanner detections:
11 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 9:30:31 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADSPY/NaviPromo.J
7.11.157.226

avast!
Win32:Relevant-S [PUP]
2014.9-140710

AVG
RelevantKnowledge
2015.0.3417

Fortinet FortiGate
Riskware/RK
7/10/2014

K7 AntiVirus
Riskware
13.180.12586

Kaspersky
not-a-virus:WebToolbar.Win32.RK
14.0.0.3582

McAfee
Artemis!721BEC2FF94F
5600.7073

Qihoo 360 Security
Win32/Virus.WebToolbar.9c5
1.0.0.1015

Quick Heal
WebToolbar.RK.g8 (Not a Virus)
7.14.14.00

Sophos
Generic PUA KN
4.98

Trend Micro House Call
TROJ_GEN.R047H07CJ14
7.2.191

File size:
2.3 MB (2,380,114 bytes)

Product version:
3.6

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\mk.exe

File PE Metadata
Compilation timestamp:
1/30/2013 3:21:56 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:CtlF02+/bb4+/GqTZe/azkGR8tbCCpAjqeki27vNj690ctMfm9aI:slO/bbJ7zk/hzujV2Bj6xBL

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

The file mk.exe has been seen being distributed by the following 5 URLs.

http://www.vins.co.il/.../mp3-knife

Remove mk.exe - Powered by Reason Core Security