home

wkloader.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from s10307.chomikuj.pl.
MD5:
7917729067da95294e6319489cb3993b

SHA-1:
03465c83c34d7c573e3834d9b3edcfdded4ba697

SHA-256:
47245eec8b909fce4d992951fea9fa70aa94adec10edc542eb74010cb0b3d199

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/16/2024 4:49:43 PM UTC  (today)

File size:
4.5 KB (4,608 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
8/27/2003 1:28:58 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
48:687Xi0qEFhHZldwgzFb+eEB5BIACCO7u/Ca61DppR:ZqEn5l+2lYH61Dp

Entry address:
0x1000

Entry point:
56, 68, C8, 31, 40, 00, 68, 50, 30, 40, 00, 6A, 00, 6A, 00, 6A, 01, 6A, 00, 6A, 00, 6A, 00, 6A, 00, 68, 38, 30, 40, 00, FF, 15, 84, 40, 40, 00, 85, C0, 75, 1A, 50, 68, 30, 30, 40, 00, 68, 10, 30, 40, 00, 50, FF, 15, 94, 40, 40, 00, 6A, 00, FF, 15, 80, 40, 40, 00, E8, 09, 01, 00, 00, A1, 00, 30, 40, 00, 50, E8, EE, 01, 00, 00, 8B, 0D, AC, 31, 40, 00, 8B, 15, C8, 31, 40, 00, 83, C4, 04, 83, C1, C0, 6A, 00, 6A, 04, 68, 4C, 30, 40, 00, 51, 52, FF, 15, 7C, 40, 40, 00, 8B, 35, 78, 40, 40, 00, 85, C0, 75, 02, FF...
 
[+]

Code size:
1024 Bytes (1,024 bytes)

The file wkloader.exe has been seen being distributed by the following URL.

http://s10307.chomikuj.pl/File.aspx?e=WPj_Ozd0_P9VotVOKZSzzeYgrN3QzIzv3gQKm3W9lc2IIH0hSals4LuCK1bzbcAGPvoDWajVD3hQipU4rR9ApKqdndaE7h42C2acGfmqwgnGd_SEZl8EQYbetnuNqmpY1RITKGRIttxyKqk1nV1Ojw&pv=2

Scan wkloader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.