home

mpkview.exe

Mipko OOO

The application mpkview.exe by Mipko OOO has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Mipko OOO  (signed and verified)

Description:
MIPKO Software

Version:
8.2.3.2169

MD5:
1520dcbf988a549cd67530f98985b346

SHA-1:
443c3dda7910ea0c294add32265cba6625ed30d4

SHA-256:
cc0a1bdbbc8a69d72d069e15eceb52a89f043024f6053aff3cec1fc03c2c7db9

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/24/2024 7:49:10 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.7.21.16

File size:
4 MB (4,218,624 bytes)

Product version:
8.2.3.2169

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\syswow64\mpk\mpkview.exe

Digital Signature
Signed by:
Mipko OOO

Authority:
VeriSign, Inc.

Valid from:
11/18/2014 3:00:00 AM

Valid to:
1/18/2016 2:59:59 AM

Subject:
CN=Mipko OOO, O=Mipko OOO, L=Pskov, S=Pskov, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
59AB06065A650283DA842466D5C3428E

File PE Metadata
Compilation timestamp:
2/2/2015 11:21:10 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:fyJLpjnaJGqj0NCOHr1GyjR2TuWQ7LfyNE1EDmJDCPS1Bw:fEdOGqj0NlL1XM+q+jHQ

Entry address:
0x1000

Entry point:
68, 01, E0, F4, 00, E8, 01, 00, 00, 00, C3, C3, EC, 8A, E6, B8, D3, 80, F9, EF, 13, 1D, 52, E8, 44, 5D, 33, 81, 53, E1, B0, 2F, B7, 2E, 1B, A7, A1, F5, 87, E0, F9, 89, AF, D2, 8E, 76, 8F, 8C, 2F, C3, A2, 26, D2, D7, CF, 0F, EB, 5E, 56, D5, 3A, CE, B4, 79, 23, 66, 8A, 11, 61, 84, 9D, 4C, B7, DC, 39, FC, 06, F1, BA, F4, B4, 48, A4, CB, AF, C9, F6, 4F, 63, 4C, 69, 43, 37, 35, 29, DD, 4D, A9, 67, 7F, 12, 71, B5, E4, 29, 12, 33, 04, A5, 89, ED, 53, F3, C8, 29, DD, A2, 8F, BE, 22, 8E, 97, 74, 5F, F9, 8B, E7, 14...
 
[+]

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
8.2 MB (8,642,560 bytes)

Windows Firewall Allowed Program
Name:
tcp\ip


Remove mpkview.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.