home

Microsoft Toolkit.exe

Microsoft Toolkit

This is a setup program which is used to install the application. The file has been seen being downloaded from doc-04-5o-docs.googleusercontent.com and multiple other hosts.
Product:
Microsoft Toolkit

Version:
2.4.7.0

MD5:
5557f59954ae6ec4ec73b75306cb13ca

SHA-1:
15178fb9ca0b0f8ecc67386d7365c992c3e00f80

SHA-256:
b3e7da21b88184866e2b207e5a731b351283c0cd8b572c29c30d068749774466

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/7/2024 1:14:23 AM UTC  (today)

File size:
35.1 MB (36,814,336 bytes)

Product version:
2.4.7.0

Copyright:
CODYQX4

Original file name:
Microsoft Toolkit.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\microsoft toolkit activator 2.4.7\~get your software here\microsoft toolkit.exe

File PE Metadata
Compilation timestamp:
8/3/2013 2:19:34 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
786432:IIBNn6KJflIiLkZziR7boa278D++ElXh1JvuV03n2lv0+:IIlJuAkp+b6oSpRQO3n2

Entry address:
0x22C21DA

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, 78, A6, 05, 80, 10, 00, 00, 00, 0E, A7, 05, 80, 18, 00, 00, 00, 26, AA, 05, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 06, 00, 02, 00, 00, 00, 70, 00, 00, 80, 03, 00, 00, 00, FC, 04, 00, 80, 04, 00, 00, 00, C8, 15, 00, 80, 05, 00...
 
[+]

Entropy:
7.9873

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
34.8 MB (36,438,528 bytes)

The file Microsoft Toolkit.exe has been seen being distributed by the following 11 URLs.

https://doc-04-5o-docs.googleusercontent.com/docs/securesc/vr2fmcp3q1990pja43ifjfbnkt6b6b3a/3aorr1an5ipuojkvork1slco6ljhkbbd/1466344800000/.../16203497248058769519/0B2TJ8t_wuh8Wc0dZQzM3aEh3MkE?h=07399423560843201720&e=download

https://dl-web.dropbox.com/get/software/microsoft office proplus 2013 vl 32 bit and 64 bit en-us (aug 2013) ms toolkit activator 2.4.7/microsoft toolkit activator 2.4.7/microsoft toolkit activator 2.4.7/.../Microsoft Toolkit.exe

https://docs.google.com/uc?export=download&confirm=gTJ2&id=0B7jkw2rnDxh4bTNQNkxjZEpTVjg

ftp://172.16.1.26/.../Microsoft Toolkit.exe

https://docs.google.com/uc?export=download&confirm=hZEw&id=0B7jkw2rnDxh4bTNQNkxjZEpTVjg

http://download1006.mediafire.com/50oue6cu7exg/.../Microsoft Toolkit.exe

https://ws.cubbyusercontent.com/p/_9ca70dc6e00d428daf2b2146736ba2a9/64 Bit/.../578072282

https://doc-08-5c-docs.googleusercontent.com/docs/securesc/908voghk7r9i2kgeupm0omfu2ocs6824/q8hltvsane4ouhs849eecht2ih8oit49/1431828000000/.../10084985539497532578/0BxU6EygFI-IVazI3UnJsX05fLU0?e=download

http://download1142.mediafire.com/2gzabr6oifag/.../Microsoft Toolkit.exe

http://deepappsstore.weebly.com/uploads/2/4/7/2/.../microsoft_toolkit.exe

https://dl-web.dropbox.com/get/.../Microsoft Toolkit.exe

Scan Microsoft Toolkit.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.