» mcpr.exe
Overview
Analysis
File Details
Downloads (53)

mcpr.exe

McAfee ESD Package

McAfee, Inc.

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from tomshardware.digidip.net and multiple other hosts.

File name:

mcpr.exe

Publisher:

McAfee, Inc. (signed and verified)

Product:

McAfee ESD Package

Version:

7.6

MD5:

d014d9560cd7db184c01bae53e766c1a

SHA-1:

d43570c653a512585026b087d53d84ea5e782ddb

SHA-256:

f291eaf4b561c80a63346db6e38e8dac6a7f3b51d4e65893a377d24e68ad6143

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/18/2024 6:47:58 AM UTC (today)

File size:

3.3 MB (3,480,040 bytes)

Product version:

7.6.133.0

Original file name:

coreESD.exe

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\mcpr.exe

Digital Signature

Signed by:

McAfee, Inc.

Authority:

VeriSign, Inc.

Valid from:

9/6/2011 2:00:00 AM

Valid to:

10/9/2014 1:59:59 AM

Subject:

CN="McAfee, Inc.", OU=IIS, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="McAfee, Inc.", L=Santa Clara, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

1F99DF0A80729A4B7CB75C1C7E4B473D

File PE Metadata

Compilation timestamp:

12/5/2009 11:50:41 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

49152:DWnUy7C2U7q702ep2SlXLzFqEXMxOqEZ1lcWHsjEViKYLuTMLzspuhzm3l0aTmLZ:DW3WheO7nnMIZ1lVVF9uBShTfgC9ieqh

Entry address:

0x30CB

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Entropy:

7.8509

Packer / compiler:

Nullsoft install system v2.x

Code size:

22.5 KB (23,040 bytes)

The file mcpr.exe has been seen being distributed by the following 50 URLs.

http://tomshardware.digidip.net/visit?url=http://download.mcafee.com/products/licensed/cust_support_patches/MCPR.exe&ppref=https://.../

http://support-emc.services.bitdefender.com/track/click/.../download.mcafee.com?p=eyJzIjoiQV9rekFGZEF4Y2E2S0I3UkRwTkYyQ05iMFZ3IiwidiI6MSwicCI6IntcInVcIjozMDI3MDk1NCxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvZG93bmxvYWQubWNhZmVlLmNvbVxcXC9wcm9kdWN0c1xcXC9saWNlbnNlZFxcXC9jdXN0X3N1cHBvcnRfcGF0Y2hlc1xcXC9NQ1BSLmV4ZVwiLFwiaWRcIjpcImY5MDlkYjIwNTZkNDQ5ODNiNmVmODE4NTM0NjhmNGU2XCIsXCJ1cmxfaWRzXCI6W1wiOWYyZjUzOGNkNzNiMjJmOWM3MjI2NTI4N2I4ZDgzNDgzNjU0YWUwZlwiXX0ifQ

http://l.facebook.com/l.php?u=http://download.mcafee.com/products/licensed/.../MCPR.exe&h=BAQH45W8V

http://srwtck.com/get?key=b11e8793cade0a4fedc9f17323b20200&ref=http://www.bleepingcomputer.com/download/mcafee-consumer-products-removal-tool/dl/51/&uid=72934839&out=http://download.mcafee.com/products/licensed/.../MCPR.exe

http://redirect.viglink.com/?format=go&jsonp=vglnk_147889839369014&key=25a82360096c162c6f7ee41205eee498&libId=ive9w2j001001il7000DAe590ht6j&loc=http://www.pchell.com/virus/uninstallmcafee.shtml&v=1&out=http://download.mcafee.com/products/licensed/cust_support_patches/MCPR.exe&ref=https://www.google.com.co/&title=PC Infierno: Cómo desinstalar McAfee&txt=http://download.mcafee.com/products/licensed/cust_support_patches/MCPR.exe</.../font>

http://redirect.viglink.com/?format=go&jsonp=vglnk_148294045427512&key=25a82360096c162c6f7ee41205eee498&libId=ix94dxe901001il7000DA4n6n8fny&loc=http://www.pchell.com/virus/uninstallmcafee.shtml&v=1&out=http://download.mcafee.com/products/licensed/.../MCPR.exe&ref=https://www.google.co.in/&title=PC Hell: How to Uninstall McAfee&txt=http://download.mcafee.com/products/licensed/.../MCPR.exe

http://www.techtudo.com.br/_/software/.../download

http://download.mcafee.com/products/licensed/.../McPreInstall.exe

https://www.google.com/url?hl=de&q=http://download.mcafee.com/products/licensed/.../MCPR.exe&source=gmail&ust=1477744395337000&usg=AFQjCNFBsVMCvmwyOJug-n4esu9QAtHWDw

http://www.mrtab.notlong.com/

http://jump.bdimg.com/safecheck/.../H9DHu6FD0Wi90JdQltYQzXglnKDfXVl0StgAy51Bo7QEbPaO VTcuoRQgoEwTOurqCrgk5E6 AVZHHfzHiYqUKbsJkpFloKZcZvvMcnEc2Lc0bjOTaKgXdmEFX3ZMCahZXTMDxm7iZ2BjQ=

http://dc314.4shared.com/download/.../MCPR.exe

http://url.qso4you.com/30c

http://www.techspot.com/downloads/downloadnow/.../?evp=edb2ed37deb36891a0c0bc2ade110514&file=1

http://support-emc.services.bitdefender.com/track/click/.../download.mcafee.com?p=eyJzIjoiZ1dCVEhQanYzOUIxU3ZOMktqdEk0YWZvUXJRIiwidiI6MSwicCI6IntcInVcIjozMDI3MDk1NCxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvZG93bmxvYWQubWNhZmVlLmNvbVxcXC9wcm9kdWN0c1xcXC9saWNlbnNlZFxcXC9jdXN0X3N1cHBvcnRfcGF0Y2hlc1xcXC9NQ1BSLmV4ZVwiLFwiaWRcIjpcIjM3MTBjMzVmMjVlOTQ0MDlhNzJlMTU5YTYzOTgwYzg0XCIsXCJ1cmxfaWRzXCI6W1wiOWYyZjUzOGNkNzNiMjJmOWM3MjI2NTI4N2I4ZDgzNDgzNjU0YWUwZlwiXX0ifQ

https://mega.nz/temporary/.../e5F0CTTI

ftp://172.30.30.11/Antivirus Software/.../MCPR.exe

http://www.techspot.com/downloads/downloadnow/.../?evp=c9854ed34845336bc3ac8cf9860885c3&file=1

http://tinyurl.com/mcafeeremovaltool

https://www.google.com/url?q=http://support-emc.services.bitdefender.com/track/click/.../download.mcafee.com?p=eyJzIjoiZ202NTQycEMwNHREOTJ5V1RLVkxMTkgtU0hJIiwidiI6MSwicCI6IntcInVcIjozMDI3MDk1NCxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvZG93bmxvYWQubWNhZmVlLmNvbVxcXC9wcm9kdWN0c1xcXC9saWNlbnNlZFxcXC9jdXN0X3N1cHBvcnRfcGF0Y2hlc1xcXC9NQ1BSLmV4ZVwiLFwiaWRcIjpcIjRjMjFkM2MxZTMwODQzZWI4ODU3ODkyMGMyOGM2MGMwXCIsXCJ1cmxfaWRzXCI6W1wiOWYyZjUzOGNkNzNiMjJmOWM3MjI2NTI4N2I4ZDgzNDgzNjU0YWUwZlwiXX0ifQ&source=gmail&ust=1464471304574000&usg=AFQjCNEgAq3lWk0KH1YkBqmSjY1NCZTfcQ

https://zima71g.storage.yandex.net/rdisk/1283d97645cb760291d423243525ae1e33cd32718b7274e58b0c609dfccb7bdd/565e0efc/XqvEu3zNy6hGcFUM9uFTxv8fo4JNV3MxemO3y4cSZmVbzOSjHcEav-n685U0Okft44BzIELI46V-xdejRgOjzw==?uid=0&filename=MCPR.exe&disposition=attachment&hash=0VxCsX38EM68uUxhc/.../x-msdownload&fsize=3480040&hid=9a9882bcff547568fe082395763ebea5&media_type=executable&tknv=v2&rtoken=876553fcd08c3e4d9acc94b407c85688&force_default=no&ycrid=na-3e2d28deb11fbb18f3b8965cb11128f2-downloader13h

http://us.mcafee.com/apps/supporttools/.../mcpr.asp

http://www.techspot.com/downloads/downloadnow/.../?evp=fc5ca71c20a23b0d6503144b44dc67a2&file=1

http://upload.cash/cRgy2?download_token=c07ae2c172ca5102d9ea9bb95aa55cda7cbe041e52020005a385eb38871ad79b

https://docs.google.com/uc?id=0B_EFZ27_EMAqLU5TU19PS3VCSVk&export=download

https://www.techsupportall.com/mcafee-uninstaller

http://ishu:2987/transfer/.../MCPR.exe

http://files2.majorgeeks.com/275d7fb2fd45098ad5c3ece2ed4a2824/.../MCPR.exe

http://blogattach.naver.net/06931aa9bce5e23e10f193ac997f0d7add8d73926b/20160131_222_blogfile/.../MCPR.exe

http://mcafee-consumer-products-removal-tool.softonic.com/download-tracker?th=8yS3 KGEYLiw7GKMHzA/trmsvRChbxdrflJq3ZIylWvN9r34dCIdbNLuRrPzJoIMMyrbwBIOSsyl/arVYAJ652LpMAVmpuzjY by0/.../Ai36uGwhphUquKDO5DKZ6QjP6O5t0N2e2D4NdpRTA1CPOddVDhzpdcWGhWTtVSlWUjnsmoBA==

Latest 30 of 53 download URLs

Scan mcpr.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.