mtkdroidtools_v253.exe

7-Zip

Igor Pavlov

The application mtkdroidtools_v253.exe has been detected as a potentially unwanted program by 21 anti-malware scanners. The program is a setup application that uses the 7z Setup installer; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from fileshare1250.depositfiles.org and multiple other hosts.
Publisher:
Igor Pavlov

Product:
7-Zip

Description:
7z SFX

Version:
9.20

MD5:
c95067099942bb3dea0acf5a5a29737a

SHA-1:
335186f49fd81efdb8159adc170e71099687ef30

SHA-256:
22cd36444984762baf5e0039288679532f78f875124b74e5c4dba4d808222bb8

Scanner detections:
21 / 68

Status:
Potentially unwanted

Analysis date:
12/13/2017 4:27:44 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | Android/GetRoot.A | 7.11.136.90 |
| avast! | ELF:Lotoor-AI [PUP] | 2014.9-140324 |
| Comodo Security | UnclassifiedMalware | 17914 |
| Dr.Web | Android.Exploit.5 | 9.0.1.083 |
| ESET NOD32 | Android/Exploit.Lotoor.DH | 8.9528 |
| Fortinet FortiGate | Android/ZergRush.B!exploit | 3/24/2014 |
| IKARUS anti.virus | Trojan.Win32.Spy | t3scan.2.2.29 |
| K7 AntiVirus | Exploit | 13.176.11408 |
| K7 Gateway Antivirus | Exploit | 13.176.11408 |
| Kingsoft AntiVirus | Win32.Troj.Generic_01.f.(kcloud) | 331020.49267 |
| McAfee | Artemis!C95067099942 | 5600.7182 |
| McAfee Web Gateway | Artemis!C95067099942 | 7.7182 |
| Microsoft Security Essentials | HackTool:AndroidOS/ZergRush.B | 1.10302 |
| NANO AntiVirus | Trojan.Win32.IframeExec.cuambo | 0.28.0.58101 |
| Norman | Troj_Generic.SFSOY | 11.20140324 |
| Quick Heal | HackTool.ZergRush (Not a Virus) | 3.14.12.00 |
| Rising Antivirus | PE:Trojan.Injector!1.9DEE | 23.00.65.14322 |
| Sophos | Andr/DroidRt-M | 4.98 |
| Trend Micro House Call | TROJ_GEN.R0CBC0RCA14 | 7.2.83 |
| Trend Micro | TROJ_GEN.R0CBC0RCA14 | 10.465.24 |
| VIPRE Antivirus | Trojan.Win32.Generic | 27284 |

File size:
9.2 MB (9,661,460 bytes)

Product version:
9.20

Copyright:
Copyright (c) 1999-2010 Igor Pavlov

Original file name:
7z.sfx.exe

File type:
Executable application (Win32 EXE)

Installer:
7z Setup

File PE Metadata
Compilation timestamp:
11/18/2010 8:27:33 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:6Gm/kt2M24lEx8e1pnmK5bmnGbiZ391FMrAX4:6GKg2Msx0E5b2391FMX

Entry address:
0x1D262

Entry point:
55, 8B, EC, 6A, FF, 68, 20, 1E, 42, 00, 68, 5C, D2, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 04, 11, 42, 00, 59, 83, 0D, 90, BD, 42, 00, FF, 83, 0D, 94, BD, 42, 00, FF, FF, 15, 00, 11, 42, 00, 8B, 0D, 70, 9D, 42, 00, 89, 08, FF, 15, FC, 10, 42, 00, 8B, 0D, 6C, 9D, 42, 00, 89, 08, A1, 64, 11, 42, 00, 8B, 00, A3, 8C, BD, 42, 00, E8, 1C, 01, 00, 00, 39, 1D, 20, 7A, 42, 00, 75, 0C, 68, EA, D3, 41, 00, FF, 15, 0C, 11...
 
Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
124.5 KB (127,488 bytes)

The file mtkdroidtools_v253.exe has been seen being distributed by the following 50 URLs.

Remove mtkdroidtools_v253.exe - Powered by Reason Core Security