WPE PRO.EXE

WPE PRO Application

The application WPE PRO.EXE, “WPE PRO MFC Application” has been detected as a potentially unwanted program by 33 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dla.uloz.to and multiple other hosts.
Product:
WPE PRO Application

Description:
WPE PRO MFC Application

Version:
1, 0, 0, 1

MD5:
4dec13d4647a6c33dae32cfde38a746e

SHA-1:
bb41d9ec80d6b88c74161025394022696a69dc18

SHA-256:
d5dff0e8eb5d25b4f7fe47c141d23306417db94e50873c9737b7461fda391a64

Scanner detections:
33 / 68

Status:
Potentially unwanted

Analysis date:
12/28/2024 12:14:51 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.Sniffer.Wpepro.F
1080

Agnitum Outpost
Trojan.Agent
7.1.1

AhnLab V3 Security
Win-Trojan/Sniffer.827456
2014.02.06

Avira AntiVirus
SPR/Tool.WpePro
7.11.129.138

avast!
Win32:PUP-gen [PUP]
2014.9-140219

AVG
HackTool
2015.0.3558

Baidu Antivirus
Malware.Win32.RiskTool
4.0.3.14219

Bitdefender
Application.Sniffer.Wpepro.F
1.0.20.250

Clam AntiVirus
Sniffer.WPE.A
0.98/18355

Comodo Security
TrojWare.Win32.HackTool.Sniffer.WPEPRO
17737

ESET NOD32
Win32/Sniffer.WpePro
8.9386

Fortinet FortiGate
W32/WpePro.A!tr.bdr
2/19/2014

F-Prot
W32/MalwareF.OAED
v6.4.7.1.166

F-Secure
Trojan:W32/Agent.DQRR
11.2014-19-02_4

G Data
Application.Sniffer.Wpepro
14.2.24

IKARUS anti.virus
not-a-virus:Sniffer.Wpe
t3scan.2.2.29

K7 AntiVirus
Riskware
13.175.11074

Kaspersky
HackTool.Win32.Sniffer.WpePro
14.0.0.4286

Malwarebytes
HackTool.Sniffer.WpePro
v2014.02.19.06

McAfee
Sniff-WpePro
5600.7214

Microsoft Security Essentials
HackTool:Win32/WpePro
1.165.247.01

MicroWorld eScan
Application.Sniffer.Wpepro.F
15.0.0.150

NANO AntiVirus
Riskware.Win32.Sniffer-WpePro.hrnw
0.28.0.57630

Norman
WpePro.D
11.20140219

nProtect
Abuse-Worry/W32.Sniff.831488
14.02.05.01

Panda Antivirus
Sniffer/WpePro
14.02.19.06

Quick Heal
HackTool.Sniffer.WpePro.rxi (Not a Virus)
2.14.12.00

Rising Antivirus
PE:Trojan.Win32.Generic.11E2F497!300086423
23.00.65.14217

Sophos
Troj/WpePro-B
4.97

Total Defense
Win32/WPEPro.A
37.0.10744

Vba32 AntiVirus
Backdoor.Hupigon
3.12.24.3

VIPRE Antivirus
Sniffer.Win32.WpePro.a (not malicious)
26172

XVirus List
Win.Detected
2.3.31

File size:
812 KB (831,488 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2001

Original file name:
WPE PRO.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\wpe pro.exe

File PE Metadata
Compilation timestamp:
3/23/2004 8:41:37 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:S3v6sgx8iIivBmxWb30XJe4s1lPSOCx8zmRaar5kuHer2zHhaJsICKU7:S/6tIu3Ujs1VDCx3GuDJK

Entry address:
0x4E076

Entry point:
55, 8B, EC, 6A, FF, 68, 10, B7, 49, 00, 68, 24, 44, 45, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 04, F4, 48, 00, 33, D2, 8A, D4, 89, 15, D8, 0A, 4D, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, D4, 0A, 4D, 00, C1, E1, 08, 03, CA, 89, 0D, D0, 0A, 4D, 00, C1, E8, 10, A3, CC, 0A, 4D, 00, 6A, 01, E8, D5, 50, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 66, 32, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...
 
[+]

Code size:
568 KB (581,632 bytes)

The file WPE PRO.EXE has been seen being distributed by the following 2 URLs.

http://dla.uloz.to/Ps;Hs;fid=57322113;cid=5570900;rid=126303457;up=0;uip=213.216.59.94;tm=1475598728;ut=f;aff=uloz.to;did=uloz-to;He;ch=a3f822c609c9b38fc4fcfee718a2dd00;Pe/.../wpe-pro-exe/.../wpe-pro-exe?bD&c=5570900&De

Remove WPE PRO.EXE - Powered by Reason Core Security