» AdpeakWFP.sys
Overview
Analysis
File Details
Behaviors (1)

AdpeakWFP.sys

Adpeak, Inc.

Part of an Adpeak program that shows ads in the browser without providing information about the ad's origin. Ads are injected as banners or text-links in random web pages. The file AdpeakWFP.sys by Adpeak has been detected as adware by 4 anti-malware scanners. It runs as a Windows kernel mode device driver named “AdpeakWFP”.

File name:

AdpeakWFP.sys

Publisher:

Adpeak, Inc. (signed and verified)

Product:

AdpeakWFP.sys

Description:

WFP driver

Version:

2.2.6.7

MD5:

74ee0bdb869b5ad190f731b47ad1fb38

SHA-1:

f2bb4e6629daca72e797453b7aa6371d04ef4505

SHA-256:

09a15d8702ebcc88519ad70003f4ee931cf13a0638812ea94f6e8838d96840a3

Scanner detections:

4 / 68

Status:

Adware

Explanation:

Injects advertisements in the web browser in the form or banner ads and popups.

Analysis date:

4/24/2024 3:11:08 PM UTC (today)

Scan engine

Detection

Engine version

AVG

MalSign.Adpeak

2015.0.3327

Malwarebytes

PUP.Optional.Adpeak

v2014.10.09.10

Reason Heuristics

PUP.Adpeak.M

14.10.9.10

VIPRE Antivirus

Adware.Adpeak

28012

File size:

34.1 KB (34,968 bytes)

Product version:

2.2.6.7

Original file name:

AdpeakWFP.sys

File type:

Driver (Win32 SYS)

Language:

English (United States)

Common path:

C:\Windows\System32\drivers\adpeakwfp.sys

Digital Signature

Signed by:

Adpeak, Inc.

Authority:

DigiCert Inc

Valid from:

7/17/2013 8:00:00 PM

Valid to:

9/24/2014 8:00:00 AM

Subject:

CN="Adpeak, Inc.", O="Adpeak, Inc.", L=Sarasota, S=Florida, C=US

Issuer:

CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

0E4C86026B3F1F3BDBEDF4DA58E8FF09

File PE Metadata

Compilation timestamp:

9/14/2013 11:09:59 PM

OS version:

6.2

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

11.0

CTPH (ssdeep):

384:pzPIg5UJIhnQpecGyw086C6B3Az7otMicUFxaPWxxZq3dkAtZZv/K6jGnpE:pzPZ5keaOC3ci5FxaPWxAKg2+

Entry address:

0x4A60

Entry point:

8B, FF, 55, 8B, EC, E8, 9C, 35, 00, 00, 5D, E9, 0E, D5, FF, FF, CC, CC, CC, CC, CC, CC, 3B, 0D, 00, 60, 40, 00, 75, 03, C2, 00, 00, E9, 06, 00, 00, 00, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 51, 89, 4D, FC, 6A, 02, 59, CD, 29, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, B8, 01, 00, 00, 00, C2, 10, 00, 61, 00, 70, 00, 70, 00, 54, 00, 61, 00, 62, 00, 6C, 00, 65, 00, 00, 00, 69, 00, 70, 00, 54, 00, 61, 00, 62, 00, 6C, 00, 65, 00, 00, 00, 70, 00, 6F, 00, 72, 00, 74, 00, 54, 00, 61, 00, 62, 00, 6C, 00, 65, 00... 
[+]

Entropy:

6.5557

Code size:

18 KB (18,432 bytes)

Driver

Display name:

AdpeakWFP

Type:

Kernel device driver (KernelDriver)

Group:

networkprovider

Depends on:

BFE

Remove AdpeakWFP.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.