teleport click - icooper.exe

The application teleport click - icooper.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from fs11n1.sendspace.com and multiple other hosts.
MD5:
a1dd774dc65db1c121072e95846fe5e9

SHA-1:
792d4a6e3441c2663857e33d3aa43349b754019a

SHA-256:
3a577ae6aa9d433e9848b9ccf087fdb95b60ba763f74e1b0d4a778c0bb2b852b

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 11:39:11 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Riskware.Trainer.Meta (L)
16.5.16.22

File size:
4 MB (4,171,776 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\teleport click - icooper.exe

File PE Metadata
Compilation timestamp:
6/28/2013 11:45:44 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:sQU9g88+NNEbLeln0XYYsWaFGcUDZrSP7+qLaBQGoGdZrYgI/b:sR9g8nIbSl/YhaIZRqLaEGdZ89b

Entry address:
0x15EB

Entry point:
E8, 1C, 1B, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 56, 8B, 75, 0C, 56, E8, AC, 27, 00, 00, 89, 45, 0C, 8B, 46, 0C, 59, A8, 82, 75, 17, E8, 6A, 03, 00, 00, C7, 00, 09, 00, 00, 00, 83, 4E, 0C, 20, 83, C8, FF, E9, 2F, 01, 00, 00, A8, 40, 74, 0D, E8, 4F, 03, 00, 00, C7, 00, 22, 00, 00, 00, EB, E3, 53, 33, DB, A8, 01, 74, 16, 89, 5E, 04, A8, 10, 0F, 84, 87, 00, 00, 00, 8B, 4E, 08, 83, E0, FE, 89, 0E, 89, 46, 0C, 8B, 46, 0C, 83, E0, EF, 83, C8, 02, 89, 46, 0C, 89, 5E, 04, 89, 5D, FC, A9, 0C, 01, 00...
 
[+]

Code size:
35.5 KB (36,352 bytes)

The file teleport click - icooper.exe has been seen being distributed by the following 17 URLs.

https://fs11n1.sendspace.com/dl/ffcc95a2bc9b4d0df8cbe2f2c4c96202/585c14a05c7044b2/.../Teleport Click - Kokukii.EXE

https://fs11n4.sendspace.com/dl/61ce36e25bfec830f05aa3d30f632d64/586379175729f621/.../Teleport Click - Kokukii.EXE

https://fs11n4.sendspace.com/dl/28dd651d2861005aa6522a8005b246c9/58a210b7228843fd/.../Teleport Click - Kokukii.EXE

https://fs11n4.sendspace.com/dl/aa59ee09b882a6ac0e5bbf1581cb31f3/5865ce7658569c4d/.../Teleport Click - Kokukii.EXE

https://fs11n4.sendspace.com/dl/c18bd6cfacf81470bafa8133fc11d9f9/577fa2ad6fadb690/.../Teleport Click - Kokukii.EXE

https://fs11n1.sendspace.com/dl/e7569ea89869833487f9188399628d40/57f9d76f65efc7d2/.../Teleport Click - Kokukii.EXE

https://fs11n2.sendspace.com/dl/1eefddfe97e6eaf5e8a4238c3d4bd2fb/58012a7e4f0af78e/.../Teleport Click - Kokukii.EXE

https://fs11n3.sendspace.com/dl/75f37dfc36d88c2d45cfbb5d18032f40/582121c56021471f/.../Teleport Click - Kokukii.EXE

https://fs11n4.sendspace.com/dl/84e6107df7c153628fa07db77d7fa40a/5811fcdb55d4e28f/.../Teleport Click - Kokukii.EXE

https://fs11n4.sendspace.com/dl/3684c9d6782fd4a73fc4352468e8238a/581e9e1c65c2ac16/.../Teleport Click - Kokukii.EXE

https://fs11n2.sendspace.com/dl/c6b2308ef38cf7e43f8db8b8bd64fc72/5828c6cf698cc96e/.../Teleport Click - Kokukii.EXE

https://fs11n2.sendspace.com/dl/bdaf4016049f3c54485b071ec061dd75/580178911eec6e97/.../Teleport Click - Kokukii.EXE

https://fs11n3.sendspace.com/dl/a7f8603fcc59d5464f3628fcdb3760f7/57d97da03d5a7870/.../Teleport Click - Kokukii.EXE

Remove teleport click - icooper.exe - Powered by Reason Core Security