» mtkdroidtools.exe
Overview
Analysis
File Details
Network (4)

mtkdroidtools.exe

File name:

mtkdroidtools.exe

MD5:

6b94e53b3f953f2d70afaf199db63a39

SHA-1:

1a1b4a2a80c713b70fd8e93e70cb18ebf8755718

SHA-256:

0438f22959a6a10e21e7adcca9676e7e59669012fed59a3fe7e6998f4dc16044

Scanner detections:

13 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/23/2024 8:19:50 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Trojan.Heur.tuW@Y2@KyMbi

902

Baidu Antivirus

Trojan.Win32.Asim

4.0.3.14816

Bitdefender

Gen:Trojan.Heur.tuW@Y2@KyMbi

1.0.20.1140

Comodo Security

UnclassifiedMalware

18939

Emsisoft Anti-Malware

Gen:Trojan.Heur.tuW@Y2@KyMbi

8.14.08.16.01

F-Secure

Gen:Trojan.Heur.tuW@Y2@KyMbi

11.2014-16-08_7

G Data

Gen:Trojan.Heur.tuW@Y2@KyMbi

14.8.24

McAfee

Artemis!6B94E53B3F95

5600.7036

MicroWorld eScan

Gen:Trojan.Heur.tuW@Y2@KyMbi

15.0.0.684

Norman

Suspicious_Gen5.TIUO

11.20140816

Rising Antivirus

PE:Trojan.Injector!1.9DEE

23.00.65.14814

Total Defense

Win32/Inject.C!generic

37.0.11074

VIPRE Antivirus

Trojan.Win32.Generic

31506

File size:

316.5 KB (324,096 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\mtkdroidtools_v243.exe\mtkdroidtools\mtkdroidtools.exe

File PE Metadata

Compilation timestamp:

3/25/2013 5:57:33 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.50

CTPH (ssdeep):

6144:/nQ17imPHd84NrV9EzmhIyV1a45+UKT1Pmp+/TdTB3VZAqDTF0:/nuimPHy4NrTEzwIyVc4gvxmSpTZVZdG

Entry address:

0x1000

Entry point:

68, 34, 02, 00, 00, 68, 00, 00, 00, 00, 68, 38, F5, 44, 00, E8, FB, 13, 02, 00, 83, C4, 0C, 68, 00, 00, 00, 00, E8, FA, 13, 02, 00, A3, 3C, F5, 44, 00, 68, 00, 00, 00, 00, 68, 00, 10, 00, 00, 68, 00, 00, 00, 00, E8, E7, 13, 02, 00, A3, 38, F5, 44, 00, B8, 9C, 97, 44, 00, A3, 58, F5, 44, 00, E8, B2, F1, 03, 00, E8, 65, F0, 03, 00, E8, 68, C4, 03, 00, E8, BB, B9, 03, 00, E8, 5F, B9, 03, 00, E8, 09, B4, 03, 00, E8, E9, B3, 03, 00, E8, 5B, B3, 03, 00, E8, 80, A9, 03, 00, E8, 9D, A7, 03, 00, E8, 37, 90, 03, 00... 
[+]

Entropy:

6.5827

Packer / compiler:

PKLITE32, 0x1.1

Code size:

256 KB (262,144 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):

Connects to misc.v.dropbox.com (108.160.172.200:80)

TCP (HTTP):

Connects to tw194-static44.tw1.com (110.93.194.44:80)

TCP (HTTP):

Connects to dg-in-f101.1e100.net (209.85.202.101:80)

Scan mtkdroidtools.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.