spk.exe

Yordan Damyanov

This is the installer for the WebPick InstalleRex download manager, which bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed without consent. The application spk.exe by Yordan Damyanov has been detected as adware by 6 anti-malware scanners.
Publisher:
Yordan Damyanov  (signed and verified)

MD5:
c35483e93736e70d2d7a5ae2a86094f8

SHA-1:
ee9723082448e34d11d871b47d65aba5f3221371

SHA-256:
d970197615294a69a1f7ae7f6a230b7894eded791278a091e3728b38da94ffe6

Scanner detections:
6 / 68

Status:
Adware

Analysis date:
4/24/2024 9:26:15 PM UTC  (today)

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Baidu Antivirus | Adware.Win32.Vonteera | 4.0.3.141121 |
| ESET NOD32 | Win32/AdWare.Vonteera (variant) | 8.10762 |
| IKARUS anti.virus | PUA.Vonteera | t3scan.1.8.3.0 |
| Reason Heuristics | PUP.YordanDamyanov.D | 14.11.21.19 |
| Sophos | Vonteera | 4.98 |
| Trend Micro House Call | Suspicious_GEN.F47V1120 | 7.2.325 |

File size:
765.1 KB (783,432 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\spk\spk.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
10/6/2013 7:00:00 PM

Valid to:
10/7/2015 6:59:59 PM

Subject:
CN=Yordan Damyanov, O=Yordan Damyanov, STREET=19 Dobri Voinikov Str, L=Sofia, S=Sofia, PostalCode=1000, C=BG

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00FEEF0D77D0AC7E55D4E7707B384AC901

File PE Metadata
Compilation timestamp:
11/11/2014 3:57:02 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:37nHLGWjtzpqWccaM2XMIU5LOQELp4wNGX7T4Y475xFM38TrgvUiu6CQvARjLRmZ:rrGWjtzpqWccaM9LQLG3X7TzMKurg8Fu

Entry address:
0x81AD4

Entry point:
E8, 16, 70, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 5D, E9, 19, 09, 00, 00, 3B, 0D, 70, C6, 4A, 00, 75, 02, F3, C3, E9, 92, 70, 00, 00, 8B, FF, 55, 8B, EC, FF, 75, 08, FF, 15, 18, B0, 49, 00, 85, C0, 75, 08, FF, 15, 24, B0, 49, 00, EB, 02, 33, C0, 85, C0, 74, 0C, 50, E8, 25, 59, 00, 00, 59, 83, C8, FF, 5D, C3, 33, C0, 5D, C3, 8B, FF, 51, C7, 01, C0, B4, 49, 00, E8, 5A, 71, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 56, 8B, F1, E8, E3, FF, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, 8D, FF, FF, FF, 59, 8B, C6...
 

Entropy:
6.5521

Code size:
613.5 KB (628,224 bytes)
