rkverify.exe

rkverify

TMRG, Inc.

The component is part of the TMRG platform which will track various behaviors of web browsing habits including tracking sites and domains visited as well as ads clicked. The application rkverify.exe by TMRG has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
TMRG, Inc.  (signed and verified)

Product:
rkverify

Version:
0, 2, 3, 10

MD5:
13a90680100cd1dd6e49bb3c8982b671

SHA-1:
11cd205b2d87a595bbd762ba34e6f85cc7dbced5

SHA-256:
cc93832d7ebdbe3179c883ec56c7f04122512143910b5b091e01cd63c9a4438e

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/22/2024 4:45:22 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.TMRG (M)
16.5.6.1

File size:
236.6 KB (242,304 bytes)

Product version:
0, 2, 3, 10

Copyright:
Copyright (C) 2007-2009

Original file name:
rkverify.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\softwareclub.ws\sc net speed booster\rkverify.exe

Digital Signature
Signed by:

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
7/17/2007 1:00:00 AM

Valid to:
9/28/2009 12:59:59 AM

Subject:
CN="TMRG, Inc.", OU=SECURE APPLICATION DEVELOPMENT, O="TMRG, Inc.", L=Reston, S=Virginia, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
02491544000D8C9D63F061B1EBAE8466

File PE Metadata
Compilation timestamp:
6/9/2009 10:49:04 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
6144:adkzyL3keSTR/G0aTBq/Enp1Qf/TNAfrbECc2CQ:agyL3k9pG5Ts/iQf/TNAzbNb

Entry address:
0xDDDF

Entry point:
6A, 60, 68, F0, F5, 41, 00, E8, 75, 23, 00, 00, BF, 94, 00, 00, 00, 8B, C7, E8, 39, 65, 00, 00, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, 7C, B0, 41, 00, 8B, 4E, 10, 89, 0D, 14, 57, 42, 00, 8B, 46, 04, A3, 20, 57, 42, 00, 8B, 56, 08, 89, 15, 24, 57, 42, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, 18, 57, 42, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, 18, 57, 42, 00, C1, E0, 08, 03, C2, A3, 1C, 57, 42, 00, 33, F6, 56, 8B, 3D, 3C, B0, 41, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03...
 
[+]

Entropy:
7.1851

Developed / compiled with:
Microsoft Visual C++ v7.0

Code size:
104 KB (106,496 bytes)

Remove rkverify.exe - Powered by Reason Core Security