mpk.exe

Mipko OOO

The application mpk.exe by Mipko OOO has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Mipko OOO  (signed and verified)

Version:
7.4.0.1470

MD5:
5c8b09e4d53f008e5b351b2bc5863f9b

SHA-1:
eb77a9d8b1f2e730d8a76e5ba1dcc701e08c301b

SHA-256:
2a6b1a59b55234f7099e396d7ddbdfd20d404154851f9121089553f354ab5743

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/28/2024 1:03:48 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.9.28.15

File size:
1.4 MB (1,476,424 bytes)

Product version:
7.4.0.1470

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\mpk\mpk.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
11/25/2010 3:00:00 AM

Valid to:
11/25/2012 2:59:59 AM

Subject:
CN=Mipko OOO, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Mipko OOO, L=Pskov, S=Pskov, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
744A4A940AA3FE09F15CC2879605C21D

File PE Metadata
Compilation timestamp:
7/19/2012 1:51:05 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:/XOW+SokcwdJH0FGAj6RSiJPPuiZwwOL9wK7bHpBA9kpPcuiwK/wnnxC73zHzuKL:/3oWdV0FGAelPNdPK3pempPczcxC7jHp

Entry address:
0x1000

Entry point:
68, 01, 40, 79, 00, E8, 01, 00, 00, 00, C3, C3, DE, 5C, C7, D8, 68, AD, 1B, 24, E1, 27, BE, AA, 62, 51, 24, F1, A8, AD, 21, 23, 58, 38, 3B, 14, 03, 9E, 33, 2A, D7, 3F, 31, 68, 1B, 13, 27, 21, DE, D0, 92, 96, 29, 1D, B7, F7, D3, 6B, C7, 52, 0A, 80, C3, 49, 7F, FF, C1, 7C, 3D, 04, DE, 79, 7C, 9D, 9A, D7, 90, 17, 10, D0, 95, 75, 72, EC, 02, 4E, 39, 68, 7B, A6, 77, 46, FE, 5B, CC, 76, C4, CC, 8C, 62, EC, C5, 7D, B9, 36, C0, 08, FA, F6, D2, 55, B8, A9, CD, 49, 93, E3, 71, EA, 3D, DC, 3F, 75, 66, 85, 98, 8B, 55...
 
[+]

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
2.1 MB (2,248,704 bytes)

Windows Firewall Allowed Program
Name:
tcp\ip


Remove mpk.exe - Powered by Reason Core Security