home

wlcomm32.exe

Updates LTD

The application wlcomm32.exe by Updates has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Updates LTD  (signed and verified)

MD5:
e28434dc0debbd058c43e1ce34f50388

SHA-1:
3aa66a78455f23e4ce2ee855a0b7c2090c12ed09

SHA-256:
6dcaa7bac4b742b2df8ed3c38705a94bd7cacd87d205a44d0b121278ae0c3e0d

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/25/2024 7:45:31 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Updates (M)
16.8.14.17

File size:
239.3 KB (245,088 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\windows service\wlcomm32.exe

Digital Signature
Signed by:
Updates LTD

Authority:
COMODO CA Limited

Valid from:
12/5/2012 10:00:00 PM

Valid to:
12/6/2013 9:59:59 PM

Subject:
CN=Updates LTD, O=Updates LTD, STREET=Alameda Professor Lucas Nogueira Garcez 2647, L=Atibaia, S=Sao Paulo, PostalCode=12947-000, C=BR

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00FD2CF3FBE5A510B83F16BEBC4554C718

File PE Metadata
Compilation timestamp:
1/23/2013 2:19:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.23

CTPH (ssdeep):
6144:aYl0Mbsp1TI0t8xcFwUG+b8gi0jqlpSEZUl2ZaYwFdcn+DZV:aQEINaHjUS72DmjV

Entry address:
0x13000

Entry point:
EB, 03, D3, 8A, 48, 50, EB, 02, 0F, 61, E8, 1C, 00, 00, 00, EB, 05, 87, B7, 47, FB, D9, EB, 04, 32, A7, C5, B7, 33, C0, EB, 04, A9, 47, E2, 02, 71, 5C, EB, 03, 00, BA, 49, EB, 02, 8D, 92, B8, 3F, 48, E8, F6, EB, 04, DE, 92, 85, 51, EB, 04, 67, F0, 83, 4A, 05, C1, B7, 17, 09, EB, 01, F3, 75, 38, EB, 02, 10, B5, 64, FF, 30, EB, 03, 3D, 50, 5D, 64, 89, 20, EB, 01, 81, EB, 04, EA, C7, 2A, 48, 8B, 10, EB, 03, BB, 56, 72, 64, 8F, 00, EB, 03, 85, 94, 60, 83, C4, 04, EB, 02, 6B, D9, 58, EB, 01, 68, C3, EB, 03, C6...
 
[+]

Code size:
12 KB (12,288 bytes)

Remove wlcomm32.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.