wlaunchersetup2.exe

wPrograms

The executable wlaunchersetup2.exe has been detected as malware by 4 anti-virus scanners.
Publisher:
wPrograms  (signed and verified)

MD5:
ed92f457240cfcb6f42637c71e91b0e3

SHA-1:
5a57e84b01c4764658a11557dc90ef5e1e94ba81

SHA-256:
d6b9e50a99356f394cc365d0957b553bef9bb8f4157a36339b443f2566fa1b01

Scanner detections:
4 / 68

Status:
Malware

Analysis date:
11/15/2024 9:58:28 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Crypt-SKC [Trj]
160203-1

Dr.Web
Win32.HLLP.Neshta
9.0.1.05190

McAfee
Virus.W32/HLLP.41472
18.0.204.0

VIPRE Antivirus
Threat.4297522
46962

File size:
304.1 KB (311,432 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\wlaunchersetup2.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
6/8/2015 12:00:00 AM

Valid to:
6/7/2016 11:59:59 PM

Subject:
CN=wPrograms, OU=IT Team, O=wPrograms, L=Chungju-si, S=Chungcheongbuk-do, C=KR

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
1837D4D37B537CD8C87AFECBE08AF7D4

File PE Metadata
Compilation timestamp:
12/6/2009 7:50:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:fg9ib2GnjMlHZP0NzuUcnCU52R2+ihREKKZcB+vIe3432:5bfwlHBidU52RbijDO7v3

Entry address:
0x30FA

Entry point:
00, 00, 89, C2, 58, 52, 8B, 48, FC, E8, 44, F4, FF, FF, 5A, 58, EB, 04, F0, FF, 42, F8, 87, 10, 85, D2, 74, 14, 8B, 4A, F8, 49, 7C, 0E, F0, FF, 4A, F8, 75, 08, 8D, 42, F8, E8, 3E, F3, FF, FF, C3, 90, 85, D2, 74, 0A, 8B, 4A, F8, 41, 7E, 04, F0, FF, 42, F8, 87, 10, 85, D2, 74, 14, 8B, 4A, F8, 49, 7C, 0E, F0, FF, 4A, F8, 75, 08, 8D, 42, F8, E8, 14, F3, FF, FF, C3, 8D, 40, 00, 85, C0, 7E, 24, 50, 83, C0, 0A, 83, E0, FE, 50, E8, DF, F2, FF, FF, 5A, 66, C7, 44, 02, FE, 00, 00, 83, C0, 08, 5A, 89, 50, FC, C7, 40...
 
[+]

Entropy:
7.7023  (probably packed)

Code size:
23.5 KB (24,064 bytes)

Remove wlaunchersetup2.exe - Powered by Reason Core Security