srptm.exe

srptm

ReSoft LTD.

The application srptm.exe by ReSoft has been detected as adware by 7 anti-malware scanners. This file is typically installed with the program LPT System Updater Service by Linkury Ltd., which is a potentially unwanted software program.
Publisher:
ReSoft LTD.  (signed and verified)

Product:
srptm

Version:
1.0.0.0

MD5:
4e8b0e05b828546ad51375f94f4bd9fc

SHA-1:
1833bb6d4637a32c537a8be82244e730e432dbf2

SHA-256:
6277601ecabb9013da97115a6ca061e262c87a875ddaebafd7f0c66a8f183163

Scanner detections:
7 / 68

Status:
Adware

Analysis date:
12/27/2024 2:58:10 AM UTC

Scan engine | Detection | Engine version
Avira AntiVirus | TR/Trash.Gen | 7.11.140.82
Dr.Web | Trojan.Damaged.1 | 9.0.1.0240
IKARUS anti.virus | PUA.Linkury | t3scan.1.6.1.0
Reason Heuristics | PUP.ReSoft.F | 14.8.28.13
SUPERAntiSpyware | Trojan.Agent/Gen-Nullo[Short] | 10394
Trend Micro House Call | Suspicious_GEN.F47V0716 | 7.2.240
VIPRE Antivirus | Adware.Linkury | 26354

File size:
22.5 KB (23,072 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2013

Original file name:
srptm.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\lpt\srptm.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
8/1/2013 1:00:00 AM

Valid to:
8/2/2015 12:59:59 AM

Subject:
CN=ReSoft LTD., O=ReSoft LTD., STREET=4th Hanevi'im, L=Tel Aviv, S=Israel, PostalCode=64356, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
51FA31336CEC649121E9A908289950D2

File PE Metadata
Compilation timestamp:
8/27/2014 2:32:33 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:HP5nB4l+eAcwdddNddJPwxFlG7+htkIZb0uGAnhCxYPLg8Jt4EN0:HP5peowvkIZd1ME5N0

Entry address:
0x52F6

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
6.4518

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
13 KB (13,312 bytes)

The file srptm.exe has been discovered within the following program.

LPT System Updater Service  by Linkury Ltd.
This is a potentially unwanted web browser extension that is distributed and installed by PINWID LTD, ReSoft LTD., MY POP SHOP LTD and Linkury. It will display advertisements, including banners and popups, in the user's web browser.
81% remove it
 

The executing file has been seen to make the following network communications in live environments.

