Is this Android (adb) file really infected?

I generally trust on xda forum files.
But one of them is continuosly being reported as infected.
https://www.virustotal.com/en/file/f1a3863e9c691e5598080fdefa068e54cb246a3967fe6db8bbfe6fc5860ac36d/analysis/1395495631/

The tool (setup) file is here: hxxp://www.adbtoolkit.com/_nightly_builds/#.Uy2Se1eun9N
And this is the xda forum thread of this tool: http://forum.xda-developers.com/showpost.php?p=51284232&postcount=80

Is it really infected? Or is it a phobia coming from generic signatures/heuristics? VT panic?

First submission 2012-02-10 07:16:04 UTC ( 2 years, 1 month ago )
Still detected by 33 AV … i would say that is infected…and detected as a exploit

Google the CVE number and you find out what it does…CVE-2012-0056.A

Hello,

Have you tried using the official ( http://developer.android.com/tools/help/adb.html ) instead? Is there something different in the xda variant that would want to make you install it instead of the official?

Regards,
~!Donovan

Yes, it’s part of a tool (GUI).
Answer in XDA:

mempodroid is a known exploit to gain root privileges on android. It has been packaged in its original form to aid in rooting some devices. The antivirus is correct in identifying it, but it does not affect Windows environments, and is not dangerous or harmful when used for escalating privileges on Android to gain root.
http://forum.xda-developers.com/showpost.php?p=51285503&postcount=81

Maybe it could be a PUP? What do virus lab guy think?

Well if it is indeed a “known exploit to gain root privileges” as the poster states, then the detection is valid. It is malicious in a way that gives your device more privileges through exploitation, which can be used for both good and bad purposes.

~!Donovan