home

mpxbox.EXE

MPXBox 응용 프로그램

MarkAny Inc.

The executable mpxbox.EXE, “MPXBox MFC 응용 프로그램” has been detected as malware by 9 anti-virus scanners.
Publisher:
Marktek Inc.  (signed by MarkAny Inc.)

Product:
MPXBox 응용 프로그램

Description:
MPXBox MFC 응용 프로그램

Version:
1, 2, 0, 2

MD5:
353d2fe9565d8d20bc1913311647ec95

SHA-1:
c69c1995393347ee21f5c8c2f0ca53e3f9aae9cd

SHA-256:
b362353f694f552d5d334ed361cba01d8c4dcb03e44234b3318688c3e097870a

Scanner detections:
9 / 68

Status:
Malware

Analysis date:
4/25/2024 11:25:09 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Parite
160119-0

AVG
Win32/Parite
2015.0.4522

Dr.Web
Win32.Parite.1
9.0.1.05190

Emsisoft Anti-Malware
Win32.Parite
10.0.0.5366

ESET NOD32
Win32/Parite.A virus
7.0.302.0

McAfee
Virus.W32/Pate.a
18.0.204.0

Microsoft Security Essentials
Threat.Undefined
1.213.5053.0

Norman
Win32.Parite.A
11.01.2016 17:30:26

VIPRE Antivirus
Threat.46248
46912

File size:
565.8 KB (579,328 bytes)

Product version:
1, 2, 0, 2

Copyright:
Copyright (C) 2004 Marktek Inc.

Trademarks:
XSync - Marktek Inc.

Original file name:
mpxbox.EXE

File type:
Executable application (Win32 EXE)

Language:
Korean

Common path:
C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\contentsafer\mpxbox.exe

Digital Signature
Signed by:
MarkAny Inc.

Authority:
VeriSign, Inc.

Valid from:
2/2/2007 8:00:00 AM

Valid to:
2/3/2008 7:59:59 AM

Subject:
CN=MarkAny Inc., OU=Software Development Department, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=MarkAny Inc., L=Jung-gu, S=Seoul, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
31BFC0616F27F7414E146840E38B22AE

File PE Metadata
Compilation timestamp:
9/29/2007 3:37:07 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:G6hLaUskhOFfgaTJCv1K/hmzYPmouac9s9p:njsfgaTJkGhdRuad9p

Entry address:
0x65000

Entry point:
68, 14, 7F, 03, 00, 5B, 68, 1A, 50, 46, 00, 5A, 68, C4, 06, 00, 00, 5E, 31, 1C, 32, 83, EE, 03, 4E, 75, F7, 90, 90, 90, FC, 02, 02, 00, 14, 7F, 03, 00, 14, 7F, 43, 00, 06, 5F, 02, 00, B4, 61, 05, 00, 14, 58, 05, 00, 14, CF, 01, 00, 15, 7F, 03, 00, 00, 7E, 40, 00, 50, D9, 40, 00, 4A, D9, 40, 00, 90, E5, 00, 00, 56, D9, 00, 00, 48, D9, 00, 00, 00, 7E, 00, 00, 56, D9, 00, 00, 48, D9, 00, 00, 14, 7F, 03, 00, 14, 7F, 03, 00, 14, 7F, 03, 00, 14, 7F, 03, 00, F0, 7E, 40, 00, 14, 7F, 03, 00, 14, 7F, 03, 00, 14, 7F...
 
[+]

Entropy:
6.8935

Code size:
188 KB (192,512 bytes)

Remove mpxbox.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.