mkvtoolnix-unicode-6.1.0-setup.exe

MKVToolNix

Moritz Bunkus

This is a setup and installation application. The file has been seen downloaded from downloads.ddigest.com and multiple other hosts.
Publisher:
Moritz Bunkus

Product:
MKVToolNix

Description:
MKVToolNix 6.1.0

Version:
6.1.0

MD5:
5c0c7660d478c3d0a32ef741f68529ed

SHA-1:
691d846df8a2f989665dddfe46da5717b7969d5a

SHA-256:
380c4a6da2cf41a87da3f0b087ed29b097b9ac765ff83352f5b83136a9880f1f

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
6/18/2018 8:45:42 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Rising Antivirus | PE:Malware.XPACK/RDM!5.1 | 23.00.65.131227 |
| ViRobot | Trojan.Win32.A.ShipUp.9886286 | 2011.4.7.4223 |

File size:
9.4 MB (9,886,286 bytes)

Product version:
6.1.0

Copyright:
Moritz Bunkus http://www.bunkus.org/videotools/mkvtoolnix/

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\mkvtoolnix-unicode-6.1.0-setup.exe

File PE Metadata
Compilation timestamp:
12/18/2012 5:31:05 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.23

CTPH (ssdeep):
196608:/SNnZLMbzIMS5WAqo16ov+CXsSOYe4I3PppSAXQYYQccwJZ19k+2fDmFe:WntAzIMSB2L3PSGYQccwJpmmo

Entry address:
0x4378

Entry point:
55, 89, E5, 57, 56, 53, 81, EC, AC, 01, 00, 00, E8, 57, 58, 00, 00, C7, 04, 24, 01, 80, 00, 00, E8, 03, 55, 00, 00, 53, C7, 04, 24, 00, 00, 00, 00, E8, 66, 58, 00, 00, 56, A3, 40, 1B, 44, 00, C7, 04, 24, 08, 00, 00, 00, E8, 5C, 3B, 00, 00, 57, A3, 9C, 1B, 44, 00, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 8D, 85, 88, FE, FF, FF, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, 01, B3, 40, 00, E8, 90, 57, 00, 00, 83, EC, 14, C7, 44, 24, 04, 02, B3, 40, 00, C7, 04, 24, A8, 1B...
 

Entropy:
7.9858  (probably packed)

Code size:
35.5 KB (36,352 bytes)

The file mkvtoolnix-unicode-6.1.0-setup.exe has been seen distributed from the following 13 URLs.

http://downloads.ddigest.com/.../getdownload.php?sid=783&did=48&code=0zSCu87D&decode=f351bc0b67558e1231b6a131f858568b

Scan mkvtoolnix-unicode-6.1.0-setup.exe - Powered by Reason Core Security