teleport click - tfm.exe

The application teleport click - tfm.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from fs02n3.sendspace.com and multiple other hosts.
MD5:
eac8ec325058e959ff405a32a9219125

SHA-1:
488aaaedd58f423017ed531a791454282af8bc22

SHA-256:
9c37117a6a67aa534220147110d394dafd44643c5f7afb766b45ff6579af578a

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/15/2024 3:05:08 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Riskware.Trainer.Meta (L)
16.1.19.0

File size:
4.1 MB (4,272,640 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\teleport click - tfm.exe

File PE Metadata
Compilation timestamp:
6/28/2013 11:45:44 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:BTpfPIqycekJ2dGCWvqhsdOEPuDkGxdcNpteZwbo:NpnIXcZCWvqWsqSheRc3

Entry address:
0x15EB

Entry point:
E8, 1C, 1B, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 56, 8B, 75, 0C, 56, E8, AC, 27, 00, 00, 89, 45, 0C, 8B, 46, 0C, 59, A8, 82, 75, 17, E8, 6A, 03, 00, 00, C7, 00, 09, 00, 00, 00, 83, 4E, 0C, 20, 83, C8, FF, E9, 2F, 01, 00, 00, A8, 40, 74, 0D, E8, 4F, 03, 00, 00, C7, 00, 22, 00, 00, 00, EB, E3, 53, 33, DB, A8, 01, 74, 16, 89, 5E, 04, A8, 10, 0F, 84, 87, 00, 00, 00, 8B, 4E, 08, 83, E0, FE, 89, 0E, 89, 46, 0C, 8B, 46, 0C, 83, E0, EF, 83, C8, 02, 89, 46, 0C, 89, 5E, 04, 89, 5D, FC, A9, 0C, 01, 00...
 
[+]

Code size:
35.5 KB (36,352 bytes)

The file teleport click - tfm.exe has been seen being distributed by the following 32 URLs.

https://fs02n3.sendspace.com/dl/b1cb369032757de4fda61003c3737d53/57b0aa3310762e86/.../Teleport Click - TFM.EXE

https://fs02n2.sendspace.com/dl/9cde6bcc2142f8a4e5cec67b331cd208/587147bd12081160/.../Teleport Click - TFM.EXE

https://fs02n1.sendspace.com/dl/537e22d5e88e73bcfd1888c5c5878340/5861b2a10a9a4265/.../Teleport Click - TFM.EXE

https://fs02n5.sendspace.com/dl/fdbd4323b0436d7feaef920e0ff0c7f4/5765982b59db2e75/.../Teleport Click - TFM.EXE

https://fs02n3.sendspace.com/dl/62ed66075f4ded193f3279038d4f9865/571d56d03c82e7bb/.../Teleport Click - TFM.EXE

https://fs02n1.sendspace.com/dl/cbd2560d92474a98957b35fa485dff8e/58420f2b099fc405/.../Teleport Click - TFM.EXE

https://fs02n1.sendspace.com/dl/7a356fe12233fcaab08f3c260cc24edb/57532fcf512b648e/.../Teleport Click - TFM.EXE

https://fs02n2.sendspace.com/dl/efdd56cc23221016864fe08cbf488c5f/571cebd55018e59e/.../Teleport Click - TFM.EXE

https://fs02n5.sendspace.com/dl/2a5305406b96a1a86f171d4f6eee73b3/5836049e7f8568c8/.../Teleport Click - TFM.EXE

https://fs02n5.sendspace.com/dl/5e0fda976d239dc680685775e1fbc5d9/5798315028894582/.../Teleport Click - TFM.EXE

https://fs02n4.sendspace.com/dl/c5d62706c4614d759d1bf99e775a92ff/575724dd7956b44a/.../Teleport Click - TFM.EXE

https://fs02n3.sendspace.com/dl/e8a03439be0f204476da3d666e8f3f85/57091f3a21ad28a1/.../Teleport Click - TFM.EXE

Latest 30 of 32 download URLs

Remove teleport click - tfm.exe - Powered by Reason Core Security