home

ft56g1wg.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from origin.pfultd.com.
MD5:
5aa4c6dc0888ca1ad41f4653049627df

SHA-1:
4668ae5f286f27c297507a24b50c938c8bc5abbe

SHA-256:
ddc1d54d81ab7476d26c733557bf3dad519e426e7beca3386f4877a9a4ada616

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/5/2025 5:51:37 AM UTC  (today)

File size:
4.6 MB (4,866,731 bytes)

File type:
Executable application (Win16 EXE)

Common path:
C:\users\{user}\downloads\ft56g1wg.exe

File PE Metadata
Compilation timestamp:
1/7/1990 2:08:56 PM

OS bitness:
Win16

CTPH (ssdeep):
98304:2ttO7BaPhz0j7a5VcJb4p0HTjXCxmTQ1WvtqvLXpDl8:2yaP+j2K4p0y8spXpi

Entry point:
4D, 5A, B0, 00, 12, 00, 00, 00, 20, 00, A7, 25, A7, 25, 47, 1E, 80, 00, 00, 00, 10, 00, F1, 01, 1E, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9987  (probably packed)

Code size:
0 Bytes (1 bytes)

The file ft56g1wg.exe has been seen being distributed by the following URL.

http://origin.pfultd.com/downloads/IMAGE/.../ft56g1wg.exe

Scan ft56g1wg.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.