home

Office 2010 Toolkit.exe

Office 2010 Toolkit

The application Office 2010 Toolkit.exe has been detected as a potentially unwanted program by 4 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from s10201.chomikuj.pl.
Product:
Office 2010 Toolkit

Version:
2.0.0.0

MD5:
90fb5b689a606ed31b8a9a0dbc9b5230

SHA-1:
7e5cf9dc783bfbeb0d92c74619d643a27d003752

SHA-256:
b3556114f4518a8c911bf5aa07aa13ea75b0db59d52441aa9cea8ca3e0aefcc9

Scanner detections:
4 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 2:22:23 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:PUP-gen [PUP]
2014.9-140102

Bkav FE
W32.Clod14a.Trojan
1.3.0.4613

ESET NOD32
MSIL/HackKMS (variant)
8.9290

Malwarebytes
RiskWare.Tool.CK
v2014.01.02.12

File size:
13.2 MB (13,805,056 bytes)

Product version:
2.0.0.0

Copyright:
CODYQX4

Original file name:
Office 2010 Toolkit.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\microsoft office enterprise 2010 corporate final (full activated)\office 2010 toolkit\office 2010 toolkit.exe

File PE Metadata
Compilation timestamp:
8/6/2010 10:51:53 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
49152:yhWp03fQ74TlUoWvk1pUiYb7NC49ZD/SX1UFqQmNeLa1o3kYQHjOCAJ/Lsb63lqf:F74TN6SGiIDSN2UxAJDh3F

Entry address:
0xCD0DCE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, 70, 00, 00, 80, 10, 00, 00, 00, 88, 00, 00, 80, 18, 00, 00, 00, A0, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 06, 00, 02, 00, 00, 00, B8, 00, 00, 80, 03, 00, 00, 00, D0, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
12.8 MB (13,430,272 bytes)

The file Office 2010 Toolkit.exe has been seen being distributed by the following URL.

http://s10201.chomikuj.pl/File.aspx?e=Yg3ewuCfhom0ccr_54v4jR8fPCWXyGDaTh5eEJ6sAeSRHEMU4haqe3eUbfExdceuD4CObHUmHuQLOoMMWS91g5Mun9pcegl5q4baYtOb-y_DhwVVfZmyN3QalOqemzcBCH2CT8EoagZtAofuEpb6Hg&pv=2

Remove Office 2010 Toolkit.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.