home

icoupd.exe

NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘FCTICoUpd’.
Publisher:
NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION  (signed and verified)

MD5:
b2ea98201d12f28ab3be33c31eb93b1c

SHA-1:
95ee40a150d5f8548ff8a907ab1c12077b8944bd

SHA-256:
9a624376207214665ae8dbdd4902508c4f681fde5d470c500a7a67afb4d3ac43

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 2:11:27 AM UTC  (today)

File size:
81.4 KB (83,352 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\ntte\fletsconnectiontool\icoupd.exe

Digital Signature
Signed by:
NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION

Authority:
VeriSign, Inc.

Valid from:
7/17/2007 9:00:00 AM

Valid to:
7/17/2008 8:59:59 AM

Subject:
CN=NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION, OU=Network Business Headquarters, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION, L=Shinjuku, S=Tokyo, C=JP

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
23547C2234E839D04C743169408C6191

File PE Metadata
Compilation timestamp:
4/16/2007 7:37:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
1536:YIj35n+AijgN+/XtIb1DDC0d4DFpeRwhyKCwGYfEdoNclQc01iG++WylLlewTg:Dz5n+AijO+/XtIb5DyyafMdFlB/zSlLq

Entry address:
0x71B4

Entry point:
6A, 60, 68, 08, E6, 40, 00, E8, 30, 02, 00, 00, BF, 94, 00, 00, 00, 8B, C7, E8, F4, EE, FF, FF, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, 74, E0, 40, 00, 8B, 4E, 10, 89, 0D, DC, 1E, 41, 00, 8B, 46, 04, A3, E8, 1E, 41, 00, 8B, 56, 08, 89, 15, EC, 1E, 41, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, E0, 1E, 41, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, E0, 1E, 41, 00, C1, E0, 08, 03, C2, A3, E4, 1E, 41, 00, 33, F6, 56, 8B, 3D, 20, E1, 40, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03...
 
[+]

Entropy:
5.9843

Developed / compiled with:
Microsoft Visual C++ v7.0

Code size:
52 KB (53,248 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
FCTICoUpd

Command:
C:\Program Files1\ntte\fletsc~1\icoupd.exe


Scan icoupd.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.