home

winspop.exe

JE communication

The application winspop.exe by JE communication has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Windows Winerspop by Winerspop which is a potentially unwanted software program.
Publisher:
JE communication  (signed and verified)

MD5:
9bb149bf996da5ab3376fa220675775b

SHA-1:
542fc79a783e84720c3ce05ddcae1e047eb69893

SHA-256:
fcd399fe7b2b1e0ace9d7620431afadaef6a47ce31a5b18a80eb8c0ef2c6ba7c

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/24/2024 12:12:39 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.JEcommunication (M)
16.2.8.10

File size:
837.1 KB (857,208 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\windows winerspop 1.5\winspop.exe

Digital Signature
Signed by:
JE communication

Authority:
Thawte, Inc.

Valid from:
10/28/2012 8:00:00 PM

Valid to:
11/28/2013 6:59:59 PM

Subject:
CN=JE communication, OU=IT Team, O=JE communication, L=Gangnam-gu, S=SEOUL, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
79BFEDDF41C2E1BD5C1C61870556A607

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:FGm0I8PLl3+DUErOos33P41AttUjwVNIL:FGm0R8vYPYItU0nIL

Entry address:
0xB0610

Entry point:
55, 8B, EC, 83, C4, E8, 53, 33, C0, 89, 45, EC, 89, 45, E8, B8, 80, FF, 4A, 00, E8, 5B, 5F, F5, FF, 33, C0, 55, 68, CF, 06, 4B, 00, 64, FF, 30, 64, 89, 20, 8D, 55, E8, A1, 14, 4A, 4B, 00, 8B, 00, E8, 3E, A5, FA, FF, 8B, 45, E8, 8D, 55, EC, E8, B7, 8C, F5, FF, 8B, 45, EC, E8, D3, 40, F5, FF, 50, 6A, FF, 6A, 00, E8, 6D, 61, F5, FF, 8B, D8, E8, 66, 62, F5, FF, 3D, B7, 00, 00, 00, 75, 08, 53, E8, 71, 63, F5, FF, EB, 3B, A1, 14, 4A, 4B, 00, 8B, 00, E8, 57, 9E, FA, FF, 8B, 0D, B0, 47, 4B, 00, A1, 14, 4A, 4B, 00...
 
[+]

Entropy:
6.6135

Developed / compiled with:
Microsoft Visual C++

Code size:
702 KB (718,848 bytes)

The file winspop.exe has been discovered within the following program.

Windows Winerspop  by Winerspop
Winerspop is an advertising-supported web browser toolbar/extension.
81% remove it
 
Powered by Should I Remove It?

Remove winspop.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.