home

mpk.exe

Mipko OOO

The application mpk.exe by Mipko OOO has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Mipko OOO  (signed and verified)

Version:
7.5.0.1500

MD5:
8d922ebb2f5b6d0db141394e828fea10

SHA-1:
ecd9368f69067435c23fa11b6209aa8361ff6cd8

SHA-256:
e934afc1022c8d01ba4fa02dffd9146a6a9e88124f4eafb2dc61fbff125ce8fb

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/28/2024 12:21:57 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.10.6.15

File size:
1.4 MB (1,484,616 bytes)

Product version:
7.5.0.1500

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\mpk1\mpk.exe

Digital Signature
Signed by:
Mipko OOO

Authority:
VeriSign, Inc.

Valid from:
11/25/2010 2:00:00 AM

Valid to:
11/25/2012 1:59:59 AM

Subject:
CN=Mipko OOO, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Mipko OOO, L=Pskov, S=Pskov, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
744A4A940AA3FE09F15CC2879605C21D

File PE Metadata
Compilation timestamp:
10/8/2012 3:48:44 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:VSgNOGKOc1CXRp2a3b2hjLv+8bBUZrhj66n7SK5Cvt3je0Am7JdEu:VSggOc1opdW+8bGPjF7DCVjfJ

Entry address:
0x1000

Entry point:
68, 01, 40, 79, 00, E8, 01, 00, 00, 00, C3, C3, DE, 5C, C7, D8, 68, AD, 1B, 24, E1, 27, BE, AA, 62, 2A, FC, B5, FC, C8, 14, 8B, D8, 5A, 11, 39, 44, 85, 73, 7F, 8D, 68, B3, C0, 3F, 21, 45, 07, D3, 5D, FE, 8C, EF, BC, 67, 64, A9, 35, AA, 3A, 69, 90, C5, 7A, CE, DD, BD, 21, E2, 0F, D2, 54, AA, 28, 5C, 5F, 93, CF, 91, 26, 5F, 69, 72, EC, 22, 4E, 39, 68, 4E, 16, 6E, EA, 33, 38, D7, 6B, 75, B2, 49, 48, 78, 0E, F7, EC, 07, 54, 81, BA, 5F, B1, 7F, 21, C9, 2F, DD, 55, 66, C7, B9, 09, F0, 62, D4, 6F, 76, D8, 34, 0C...
 
[+]

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
2.1 MB (2,250,752 bytes)

Windows Firewall Allowed Program
Name:
tcp\ip


Remove mpk.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.