mpc_3.0.8846.1218.exe

MPCSetup

DotCash Limited

The application mpc_3.0.8846.1218.exe, “MPC Setup Application” by DotCash Limited has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The file has been seen being downloaded from download.mpc.am.
Publisher:
DotCash Limited  (signed and verified)

Product:
MPCSetup

Description:
MPC Setup Application

Version:
3.0.8846.1218

MD5:
434090b17ad750bde9cc7121a57be4f5

SHA-1:
e58f5272fdabd176a21f97822e161fe9aca904a9

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 8:50:33 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.DotC.MPC (L)
16.7.25.1

File size:
11.2 MB (11,743,499 bytes)

Product version:
3, 0, 8846, 1218

Copyright:
Copyright (C) 2015 DotCash Limited. All Rights Reserved

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\Local settings\temporary internet files\content.ie5\{random}\mpc_3.0.8846.1218.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
1/7/2015 7:00:00 AM

Valid to:
12/30/2016 6:59:59 AM

Subject:
CN=DotCash Limited, OU=IT, O=DotCash Limited, L=Hong Kong, S=Hong Kong, C=HK

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1C04DCC9BE35C558422BAFEF34984975

File PE Metadata
Compilation timestamp:
8/24/2012 9:31:47 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
196608:VRW7+oBL4TlO1oBuhZXHp9c24aaMFU+1eRzxUfwsa7WSFtsutqRd9EKZPL:VRo3lIvBA824JU71etdsAWSffK5L

Entry address:
0x371A

Entry point:
60, E8, 00, 00, 00, 00, 5B, 81, EB, D0, 48, 72, 02, 83, EC, 74, 8B, EC, 8B, 83, AB, 4B, 72, 02, 89, 45, 00, 8B, 83, B3, 4B, 72, 02, 03, 45, 00, 89, 45, 2C, 8B, 83, B7, 4B, 72, 02, 03, 45, 00, 89, 45, 30, C7, 45, 14, 00, 00, 00, 00, C7, 45, 18, 00, 00, 00, 00, C7, 45, 1C, 00, 00, 00, 00, 8B, 45, 14, FF, 45, 14, 66, 33, C9, 8A, 8C, 03, FF, 4B, 72, 02, 84, C9, 74, 7A, 8B, 45, 1C, 66, 01, 4D, 1C, 03, C3, 05, 13, 4C, 72, 02, 50, 8B, 45, 2C, FF, 10, 85, C0, 0F, 84, 5E, 02, 00, 00, 89, 45, 10, 8B, 45, 1C, 03, C3...
 
[+]

Packer / compiler:
ASPack v1.08.04

Code size:
26 KB (26,624 bytes)

The file mpc_3.0.8846.1218.exe has been seen being distributed by the following URL.

Remove mpc_3.0.8846.1218.exe - Powered by Reason Core Security