wtepktomp[.]exe[.]v

Sharing

Copy URL

Twitter E-mail

General

Target

wtepktomp.exe.v
Size

27.6MB
MD5

4ce843f56cbad3ab43caec3ba7f6071d
SHA1

999ecf6203235a3efc3ffa2d599ac4b4ad3e3c2a
SHA256

ae783b3c7bcb5ea06fb5eb671da35cbab84fed9ce035c3a322733f409d1dbebe
SHA512

fc5992edb859c064a31128dc227158d79d29446d1036c453513e01ba201364b20be118243a36fffdd3deb8f3ec1da85a0896edc99e2de9e4dcdeaf49131e5b96
SSDEEP

786432:Dwn4l5mSUNsSjeNes2B2q8H9MNEjHzb141qwHX:DNfm/fUedZwXD0qA

Score

1^/10

Malware Config

Signatures

Files

wtepktomp.exe.v
.exe windows:4 windows x86 arch:x86

0d97c35376278d9c189421615fbb4ed2

Code Sign

72:85:e4:6e:2e:d0:85:a4
Certificate

Issuer

CN=vpn.speed.com,O=fobwifi,C=CN

Not Before

29/05/2020, 15:24

Not After

24/05/2040, 15:24

Subject

CN=vpn.speed.com,O=speed,C=CN

97:47:7e:b3:ef:1b:48:0e:17:bf:d7:52:40:4f:15:8a:69:9e:c9:b6:82:0e:1b:f5:f4:99:ac:71:54:31:ec:bd
Signer

Actual PE Digest

97:47:7e:b3:ef:1b:48:0e:17:bf:d7:52:40:4f:15:8a:69:9e:c9:b6:82:0e:1b:f5:f4:99:ac:71:54:31:ec:bd

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation

user32

ClientToScreen

gdi32

SetMapMode

comdlg32

GetSaveFileNameA

winspool.drv

OpenPrinterA

advapi32

RegCreateKeyA

shell32

ExtractIconA

comctl32

ImageList_ReplaceIcon

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 26.6MB - Virtual size: 26.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 916KB - Virtual size: 916KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d97c35376278d9c189421615fbb4ed2

Code Sign

72:85:e4:6e:2e:d0:85:a4Certificate

97:47:7e:b3:ef:1b:48:0e:17:bf:d7:52:40:4f:15:8a:69:9e:c9:b6:82:0e:1b:f5:f4:99:ac:71:54:31:ec:bdSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

msvcrt

iphlpapi

psapi

Sections

.text Size: 26.6MB - Virtual size: 26.6MB

.sedata Size: 916KB - Virtual size: 916KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 180KB - Virtual size: 180KB

.sedata Size: 4KB - Virtual size: 4KB

72:85:e4:6e:2e:d0:85:a4
Certificate

97:47:7e:b3:ef:1b:48:0e:17:bf:d7:52:40:4f:15:8a:69:9e:c9:b6:82:0e:1b:f5:f4:99:ac:71:54:31:ec:bd
Signer

.text
Size: 26.6MB - Virtual size: 26.6MB

.sedata
Size: 916KB - Virtual size: 916KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 180KB - Virtual size: 180KB

.sedata
Size: 4KB - Virtual size: 4KB