home

mpk.exe

Mipko OOO

The application mpk.exe by Mipko OOO has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Mipko OOO  (signed and verified)

Version:
8.2.3.2170

MD5:
1ba6214e2ba0ae47c3c8727d80068901

SHA-1:
41646ac19315191b07caa83c53251605d696c9ea

SHA-256:
da8c6bd068aa7b6c60d723461142709a9f484fc28d71846e20f417c40e091357

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/5/2024 11:33:27 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.1.7.14

File size:
1.8 MB (1,838,848 bytes)

Product version:
8.2.3.2170

File type:
Executable application (Win32 EXE)

Common path:
C:\Windows\System32\mpk\mpk.exe

Digital Signature
Signed by:
Mipko OOO

Authority:
VeriSign, Inc.

Valid from:
11/18/2014 2:00:00 AM

Valid to:
1/18/2016 1:59:59 AM

Subject:
CN=Mipko OOO, O=Mipko OOO, L=Pskov, S=Pskov, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
59AB06065A650283DA842466D5C3428E

File PE Metadata
Compilation timestamp:
2/4/2015 3:54:38 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x1000

Entry point:
68, 01, 50, 97, 00, E8, 01, 00, 00, 00, C3, C3, 7C, EA, 4B, 0F, 03, B4, ED, B7, 80, 55, FC, BF, 40, E9, CF, FF, A9, 0B, 3C, 23, E2, FD, 5A, D9, 35, 7B, 7F, 30, 33, 73, F7, 7F, 85, D0, BA, 9E, 0E, 37, 80, 61, B5, FD, 64, 0C, 74, 33, D6, 1E, 6B, B9, 64, 09, 7F, 8C, EA, 80, C8, 4D, 03, 4B, BE, 47, 25, B1, A2, 33, B8, 81, 71, F5, D6, D2, 00, 47, 7D, 70, DE, 6C, 84, 0A, 2E, 63, 04, 34, E7, 69, DE, F5, 02, 4B, CC, A5, 1A, 45, 77, 9C, D0, D2, 48, CC, 6F, 3F, AB, FE, 12, 49, 99, 31, 7F, F9, F6, BC, 52, 31, FB, 81...
 
[+]

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
4.2 MB (4,357,632 bytes)

Windows Firewall Allowed Program
Name:
tcp\ip


Remove mpk.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.