home

mpk.exe

Refog Inc.

The application mpk.exe by Refog has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Refog Inc.  (signed and verified)

Version:
8.7.1.2770

MD5:
e5867b7e686b72ddceb89830ce4d83fd

SHA-1:
c86b731be85a77fa9ff92042157c8249de6d392d

SHA-256:
c361185cb71cc973601606586568ff3c28667b649ca3423f2ceb99992428686a

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/26/2024 6:38:50 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.2.11.21

File size:
1.9 MB (1,971,568 bytes)

Product version:
8.7.1.2770

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\windows\syswow64\mpk\mpk.exe

Digital Signature
Signed by:
Refog Inc.

Authority:
Symantec Corporation

Valid from:
3/4/2016 1:00:00 AM

Valid to:
4/4/2018 1:59:59 AM

Subject:
CN=Refog Inc., O=Refog Inc., L=Alexandria, S=Virginia, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
50E9ECB0A3DD83DEC773133A47225D97

File PE Metadata
Compilation timestamp:
2/3/2017 10:15:03 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x1000

Entry point:
68, 01, 00, 94, 00, E8, 01, 00, 00, 00, C3, C3, FB, E5, 18, 3E, BA, 3F, 17, EC, BF, 64, D9, 5A, 99, EB, BC, 96, FF, 54, BE, C9, 43, B5, FB, F7, 96, 8A, 1D, 1F, 94, C1, 77, 5F, DC, C4, 44, 49, 76, 09, 26, 11, 64, 41, E3, 1C, 87, 38, BD, 7F, EA, 24, 18, 1B, 8C, BA, CA, DB, EC, 5B, 89, 41, 14, 3A, BF, BA, 82, FB, 7F, 0C, 1C, F7, 27, C6, 43, 58, 3A, 37, E6, D1, BB, 46, A4, A0, BC, D6, 6C, 66, 73, A4, 39, 0D, ED, ED, 93, 8A, CB, A3, CD, 3E, C5, EA, E8, A5, D5, 57, 42, F9, AA, 8B, 12, 0B, 55, 5C, A5, B2, EC, 40...
 
[+]

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
4 MB (4,143,104 bytes)

Windows Firewall Allowed Program
Name:
tcp\ip


Remove mpk.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.