home

pteupgradetool.exe

WnSoft Ltd.

Publisher:
WnSoft Ltd.  (signed and verified)

MD5:
7effd5e74893a5131fac45e9c6d2052e

SHA-1:
ca3837602b2d2a8f2b20ce18bee66f26529e997c

SHA-256:
2f58956cd6afefd0c426da57624b5efcfb13cb5e9c8dae53372d3e90875c3b1d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 1:55:54 AM UTC  (today)

File size:
650.3 KB (665,872 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\pteupgradetool.exe

Digital Signature
Signed by:
WnSoft Ltd.

Authority:
RBC Hosting Center

Valid from:
5/30/2012 1:00:00 AM

Valid to:
5/31/2014 12:59:59 AM

Subject:
CN=WnSoft Ltd., O=WnSoft Ltd., STREET="Kirov g Melkombinatovsky travel, 8a", L=Kirov, S=Kirov region, PostalCode=610035, C=RU

Issuer:
CN=RBC HC Object Services CA, O=RBC Hosting Center, C=RU

Serial number:
0E3C23C56D2D17AA5B0C40DE5C3525D8

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:hJj/8zydXGEFVZU06yt3dK0WoI5e9ZEtV/7XXWQ/DX9iqNkYkQ:hB1tdVWyts0pI6WV/7XXWWQqL

Entry address:
0x76F30

Entry point:
55, 8B, EC, 83, C4, F0, B8, 40, 4C, 47, 00, E8, C4, FE, F8, FF, E8, 13, C3, FE, FF, E8, 1A, F2, FE, FF, A1, 14, 9E, 47, 00, 8B, 00, 8B, 10, FF, 52, 3C, 8B, 0D, A0, 9B, 47, 00, A1, 14, 9E, 47, 00, 8B, 00, 8B, 15, 40, 3F, 47, 00, E8, 7E, C6, FE, FF, A1, 14, 9E, 47, 00, 8B, 00, 8B, 10, FF, 52, 40, E8, 29, D9, F8, FF, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.8692

Developed / compiled with:
Microsoft Visual C++

Code size:
468.5 KB (479,744 bytes)

The file pteupgradetool.exe has been seen being distributed by the following URL.

http://www.wnsoft.com/files/.../PteUpgradeTool.exe

Scan pteupgradetool.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.