home

update_mrs_tools_3.1.3.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.mrstools.com.
MD5:
5ef1b99122ccb2eb4d072632c0f89371

SHA-1:
8f784a42df556b25f746b9f566f7042c35d591a5

SHA-256:
41b5c4a64ad769e0db577c2616d6840916b4559c6f6ec7367bc0767a369902fa

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
8/2/2025 6:44:31 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Win32/Blacked
2015.0.3311

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
23.00.65.141023

Trend Micro House Call
PAK_Generic.009
7.2.298

Trend Micro
PAK_Generic.009
10.465.25

File size:
15.1 MB (15,825,170 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\handphone tools\update_mrs_tools_3.1.3.exe

File PE Metadata
Compilation timestamp:
8/16/2009 6:05:35 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
393216:wqodqXHCOYAVwa8vLFoa10AlYHy1eodqXHCOYAVwa8vLFoa10AlYHy1S:p3BVwa8TO5AmS1K3BVwa8TO5AmS1S

Entry address:
0x117F0

Entry point:
EB, 02, 90, 90, 90, E9, 06, D8, 02, 00, C3, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Packer / compiler:
FSG v1.10 (Microsoft Visual C++ 6.0 / 7.0)

Code size:
66 KB (67,584 bytes)

The file update_mrs_tools_3.1.3.exe has been seen being distributed by the following URL.

http://www.mrstools.com/.../Update_MRS_TOOLS_3.1.3.exe

Scan update_mrs_tools_3.1.3.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.