» WPE PRO.EXE
Overview
Analysis
File Details
Downloads (2)

WPE PRO.EXE

WPE PRO Application

The application WPE PRO.EXE, “WPE PRO MFC Application” has been detected as a potentially unwanted program by 33 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dla.uloz.to and multiple other hosts.

File name:

WPE PRO.EXE

Product:

WPE PRO Application

Description:

WPE PRO MFC Application

Version:

1, 0, 0, 1

MD5:

4dec13d4647a6c33dae32cfde38a746e

SHA-1:

bb41d9ec80d6b88c74161025394022696a69dc18

SHA-256:

d5dff0e8eb5d25b4f7fe47c141d23306417db94e50873c9737b7461fda391a64

Scanner detections:

33 / 68

Status:

Potentially unwanted

Analysis date:

11/15/2024 10:32:41 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Application.Sniffer.Wpepro.F

1080

Agnitum Outpost

Trojan.Agent

7.1.1

AhnLab V3 Security

Win-Trojan/Sniffer.827456

2014.02.06

Avira AntiVirus

SPR/Tool.WpePro

7.11.129.138

avast!

Win32:PUP-gen [PUP]

2014.9-140219

AVG

HackTool

2015.0.3558

Baidu Antivirus

Malware.Win32.RiskTool

4.0.3.14219

Bitdefender

Application.Sniffer.Wpepro.F

1.0.20.250

Clam AntiVirus

Sniffer.WPE.A

0.98/18355

Comodo Security

TrojWare.Win32.HackTool.Sniffer.WPEPRO

17737

ESET NOD32

Win32/Sniffer.WpePro

8.9386

Fortinet FortiGate

W32/WpePro.A!tr.bdr

2/19/2014

F-Prot

W32/MalwareF.OAED

v6.4.7.1.166

F-Secure

Trojan:W32/Agent.DQRR

11.2014-19-02_4

G Data

Application.Sniffer.Wpepro

14.2.24

IKARUS anti.virus

not-a-virus:Sniffer.Wpe

t3scan.2.2.29

K7 AntiVirus

Riskware

13.175.11074

Kaspersky

HackTool.Win32.Sniffer.WpePro

14.0.0.4286

Malwarebytes

HackTool.Sniffer.WpePro

v2014.02.19.06

McAfee

Sniff-WpePro

5600.7214

Microsoft Security Essentials

HackTool:Win32/WpePro

1.165.247.01

MicroWorld eScan

Application.Sniffer.Wpepro.F

15.0.0.150

NANO AntiVirus

Riskware.Win32.Sniffer-WpePro.hrnw

0.28.0.57630

Norman

WpePro.D

11.20140219

nProtect

Abuse-Worry/W32.Sniff.831488

14.02.05.01

Panda Antivirus

Sniffer/WpePro

14.02.19.06

Quick Heal

HackTool.Sniffer.WpePro.rxi (Not a Virus)

2.14.12.00

Rising Antivirus

PE:Trojan.Win32.Generic.11E2F497!300086423

23.00.65.14217

Sophos

Troj/WpePro-B

4.97

Total Defense

Win32/WPEPro.A

37.0.10744

Vba32 AntiVirus

Backdoor.Hupigon

3.12.24.3

VIPRE Antivirus

Sniffer.Win32.WpePro.a (not malicious)

26172

XVirus List

Win.Detected

2.3.31

File size:

812 KB (831,488 bytes)

Product version:

1, 0, 0, 1

Original file name:

WPE PRO.EXE

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\wpe pro.exe

File PE Metadata

Compilation timestamp:

3/23/2004 8:41:37 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

12288:S3v6sgx8iIivBmxWb30XJe4s1lPSOCx8zmRaar5kuHer2zHhaJsICKU7:S/6tIu3Ujs1VDCx3GuDJK

Entry address:

0x4E076

Entry point:

55, 8B, EC, 6A, FF, 68, 10, B7, 49, 00, 68, 24, 44, 45, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 04, F4, 48, 00, 33, D2, 8A, D4, 89, 15, D8, 0A, 4D, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, D4, 0A, 4D, 00, C1, E1, 08, 03, CA, 89, 0D, D0, 0A, 4D, 00, C1, E8, 10, A3, CC, 0A, 4D, 00, 6A, 01, E8, D5, 50, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 66, 32, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75... 
[+]

Code size:

568 KB (581,632 bytes)

The file WPE PRO.EXE has been seen being distributed by the following 2 URLs.

http://dla.uloz.to/Ps;Hs;fid=57322113;cid=5570900;rid=126303457;up=0;uip=213.216.59.94;tm=1475598728;ut=f;aff=uloz.to;did=uloz-to;He;ch=a3f822c609c9b38fc4fcfee718a2dd00;Pe/.../wpe-pro-exe/.../wpe-pro-exe?bD&c=5570900&De

http://s10183.chomikuj.pl/File.aspx?e=qy_xjvQOMzJu6otD3kecacKQWrSkYHGCUiEjU4BbDPRu6Bqra9-w0iLoKDKya7sKcESxZeWImkVxJp5hGEU6Y_CLCQBxSckGyQs2InFjvUeEuyvD8u8NBhNkhzfNacg3Tv8hLvFFebX18PpNvlYPOg&pv=2

Remove WPE PRO.EXE - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.