home

icoupd.exe

NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘FCTICoUpd’.
Publisher:
NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION  (signed and verified)

MD5:
2d4f6e55d892819826919dce04ed9b74

SHA-1:
61bfea96b54da0b40cd3623b86948b15cea922b1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 6:59:04 PM UTC  (today)

File size:
81.4 KB (83,352 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\ntte\fletsconnectiontool\icoupd.exe

Digital Signature
Signed by:
NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION

Authority:
VeriSign, Inc.

Valid from:
7/17/2007 9:00:00 AM

Valid to:
7/17/2008 8:59:59 AM

Subject:
CN=NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION, OU=Network Business Headquarters, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION, L=Shinjuku, S=Tokyo, C=JP

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
23547C2234E839D04C743169408C6191

File PE Metadata
Compilation timestamp:
8/1/2006 3:06:34 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
1536:vjSEnuWXS/gd0E03ihqtfKnTrz8ryvpwGkPKFjnsYcr1iV8tYylKTUdwz:WEnuWXS/gd0ETq4Wye7Spn5DV8BlCUo

Entry address:
0x70D4

Entry point:
6A, 60, 68, 30, E6, 40, 00, E8, 30, 02, 00, 00, BF, 94, 00, 00, 00, 8B, C7, E8, F4, EE, FF, FF, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, 74, E0, 40, 00, 8B, 4E, 10, 89, 0D, DC, 1E, 41, 00, 8B, 46, 04, A3, E8, 1E, 41, 00, 8B, 56, 08, 89, 15, EC, 1E, 41, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, E0, 1E, 41, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, E0, 1E, 41, 00, C1, E0, 08, 03, C2, A3, E4, 1E, 41, 00, 33, F6, 56, 8B, 3D, 20, E1, 40, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03...
 
[+]

Entropy:
5.9675

Developed / compiled with:
Microsoft Visual C++ v7.0

Code size:
52 KB (53,248 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
FCTICoUpd

Command:
C:\Program Files1\ntte\fletsc~1\icoupd.exe


Scan icoupd.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.