home

mpkview.exe

Refog Inc.

The application mpkview.exe by Refog has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Refog Inc.  (signed and verified)

Version:
8.7.1.2770

MD5:
7ae602956b875df78603c05cc1528796

SHA-1:
b01499d03f90a746a5dbaf5ae56b769447f7d7dd

SHA-256:
2557d35d4d26321e6d337add0a3c7f09522dfea93a18ca02b814bd92e0571d55

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/26/2024 5:40:56 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.2.8.19

File size:
4.6 MB (4,854,128 bytes)

Product version:
8.7.1.2770

File type:
Executable application (Win32 EXE)

Language:
English (United States d'America)

Common path:
C:\windows\syswow64\mpk\mpkview.exe

Digital Signature
Signed by:
Refog Inc.

Authority:
Symantec Corporation

Valid from:
3/4/2016 1:00:00 AM

Valid to:
4/4/2018 1:59:59 AM

Subject:
CN=Refog Inc., O=Refog Inc., L=Alexandria, S=Virginia, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
50E9ECB0A3DD83DEC773133A47225D97

File PE Metadata
Compilation timestamp:
2/3/2017 10:16:04 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x1000

Entry point:
68, 01, 20, F6, 00, E8, 01, 00, 00, 00, C3, C3, FB, E5, 18, 96, 90, 9F, 17, FC, BF, 24, DD, 5A, 1A, 6C, 6D, 96, FD, 48, 56, C9, 43, B5, FB, F7, 96, 8A, 04, 84, 8C, F5, 51, 3E, 6D, C3, 7A, B6, BB, 8A, EA, FF, A0, 99, CE, 18, 36, 2E, 57, BA, 7C, F2, 08, B4, 09, D4, E7, DD, 2D, A9, D0, 59, 2B, DF, 41, 4E, F9, A5, 41, BD, F6, 61, 8B, C1, 0A, EB, FB, 9C, BB, D5, 35, 29, 65, 97, DF, 6D, BC, 70, BF, 1D, 54, 72, 5D, F5, B1, E9, 48, D0, FC, FF, 4D, 39, 2A, D3, 51, 57, 42, F9, AA, 8B, 10, 1B, 55, 5C, A5, B2, EC, 40...
 
[+]

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
8.3 MB (8,739,840 bytes)

Windows Firewall Allowed Program
Name:
tcp\ip


Remove mpkview.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.