» wppinstalador.exe
Overview
Analysis
File Details
Downloads (1)

wppinstalador.exe

ACM1PT

The executable wppinstalador.exe has been detected as malware by 25 anti-virus scanners. This is a setup program which is used to install the application. According to AVG, this software downloads additional adware offers during setup.

File name:

wppinstalador.exe

Publisher:

ACM1PT

Product:

ACM1PT

Version:

34.4.5.4

MD5:

e1aaeac17e43b32296644b5f01d4c951

SHA-1:

90be845b3f5136e4906572a691872ca9c30b776c

SHA-256:

26e5475001cd49ab26f8f8b8197ddeb1b4496119356544b45f34187a50ea208c

Scanner detections:

25 / 68

Status:

Malware

Analysis date:

11/16/2024 3:39:01 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.MSILPerseus.1001

239

AhnLab V3 Security

Malware/Gen.Generic

2016.01.17

Avira AntiVirus

TR/Perseus.23552

8.3.2.4

Arcabit

Trojan.MSILPerseus.D3E9

1.0.0.642

avast!

Win32:Dropper-gen [Drp]

2014.9-160609

AVG

Downloader.MSIL

2017.0.2717

Baidu Antivirus

Trojan.MSIL.Disfa

4.0.3.1669

Bitdefender

Gen:Variant.MSILPerseus.1001

1.0.20.805

Emsisoft Anti-Malware

Gen:Variant.MSILPerseus.1001

8.16.06.09.12

ESET NOD32

MSIL/TrojanDownloader.Small.ACU

10.12880

Fortinet FortiGate

W32/Disfa.ACU!tr

6/9/2016

F-Secure

Gen:Variant.MSILPerseus.1001

11.2016-09-06_5

G Data

Gen:Variant.MSILPerseus.1001

16.6.25

IKARUS anti.virus

Trojan-Downloader.MSIL.Small

t3scan.1.9.5.0

K7 AntiVirus

Trojan-Downloader

13.212.18450

Kaspersky

Trojan.MSIL.Disfa

14.0.0.82

McAfee

RDN/Generic Downloader.x

5600.6373

Microsoft Security Essentials

Trojan:Win32/Dynamer!ac

1.1.12400.0

MicroWorld eScan

Gen:Variant.MSILPerseus.1001

17.0.0.483

NANO AntiVirus

Trojan.Win32.Perseus.dylckk

1.0.14.5380

Panda Antivirus

Trj/CI.A

16.06.09.12

Qihoo 360 Security

HEUR/QVM03.0.Malware.Gen

1.0.0.1077

Sophos

Mal/Generic-S

4.98

Trend Micro

TROJ_GEN.R047C0DK515

10.465.09

VIPRE Antivirus

Trojan.Win32.Generic

46560

File size:

23 KB (23,552 bytes)

Product version:

34.4.5.4

ACM1PT

Original file name:

xxx.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\wppinstalador.exe

File PE Metadata

Compilation timestamp:

11/1/2015 12:09:27 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

192:MykmWNPrMw3iDRTvKgnZminloYk4feuNI48LQqTOk61BEdO:MrM71ugZ+4f7aLQQazP

Entry address:

0x433E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

9 KB (9,216 bytes)

The file wppinstalador.exe has been seen being distributed by the following URL.

http://dr.tl/wppintalador

Remove wppinstalador.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.