wppinstalador.exe

ACM1PT

The executable wppinstalador.exe has been detected as malware by 25 anti-virus scanners. This is a setup program which is used to install the application. According to AVG, this software downloads additional adware offers during setup.

Publisher: ACM1PT
Product: ACM1PT
Version: 34.4.5.4
MD5: e1aaeac17e43b32296644b5f01d4c951
SHA-1: 90be845b3f5136e4906572a691872ca9c30b776c
SHA-256: 26e5475001cd49ab26f8f8b8197ddeb1b4496119356544b45f34187a50ea208c
Scanner detections: 25 / 68
Status: Malware
Analysis date: 12/25/2024 4:13:49 PM UTC  (today)

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.MSILPerseus.1001 | 239 |
| AhnLab V3 Security | Malware/Gen.Generic | 2016.01.17 |
| Avira AntiVirus | TR/Perseus.23552 | 8.3.2.4 |
| Arcabit | Trojan.MSILPerseus.D3E9 | 1.0.0.642 |
| avast! | Win32:Dropper-gen [Drp] | 2014.9-160609 |
| AVG | Downloader.MSIL | 2017.0.2717 |
| Baidu Antivirus | Trojan.MSIL.Disfa | 4.0.3.1669 |
| Bitdefender | Gen:Variant.MSILPerseus.1001 | 1.0.20.805 |
| Emsisoft Anti-Malware | Gen:Variant.MSILPerseus.1001 | 8.16.06.09.12 |
| ESET NOD32 | MSIL/TrojanDownloader.Small.ACU | 10.12880 |
| Fortinet FortiGate | W32/Disfa.ACU!tr | 6/9/2016 |
| F-Secure | Gen:Variant.MSILPerseus.1001 | 11.2016-09-06_5 |
| G Data | Gen:Variant.MSILPerseus.1001 | 16.6.25 |
| IKARUS anti.virus | Trojan-Downloader.MSIL.Small | t3scan.1.9.5.0 |
| K7 AntiVirus | Trojan-Downloader | 13.212.18450 |
| Kaspersky | Trojan.MSIL.Disfa | 14.0.0.82 |
| McAfee | RDN/Generic Downloader.x | 5600.6373 |
| Microsoft Security Essentials | Trojan:Win32/Dynamer!ac | 1.1.12400.0 |
| MicroWorld eScan | Gen:Variant.MSILPerseus.1001 | 17.0.0.483 |
| NANO AntiVirus | Trojan.Win32.Perseus.dylckk | 1.0.14.5380 |
| Panda Antivirus | Trj/CI.A | 16.06.09.12 |
| Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1077 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro | TROJ_GEN.R047C0DK515 | 10.465.09 |
| VIPRE Antivirus | Trojan.Win32.Generic | 46560 |

File size: 23 KB (23,552 bytes)
Product version: 34.4.5.4
Copyright: ACM1PT
Original file name: xxx.exe
File type: Executable application (Win32 EXE)
Common path: C:\users\{user}\downloads\wppinstalador.exe

File PE Metadata

Compilation timestamp: 11/1/2015 12:09:27 AM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 11.0
.NET CLR dependent: Yes
CTPH (ssdeep): 192:MykmWNPrMw3iDRTvKgnZminloYk4feuNI48LQqTOk61BEdO:MrM71ugZ+4f7aLQQazP
Entry address: 0x433E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with: Microsoft Visual C# / Basic .NET
Code size: 9 KB (9,216 bytes)

The file wppinstalador.exe has been seen being distributed by the following URL.
