AHTUxPK.exe

AHTUxPK

Igor

This is a setup program used to install the application. The file has been observed being downloaded from xn--80aejljbfwxn.xn--p1ai.
Publisher:
Igor

Product:
AHTUxPK

Version:
1.00.0001

MD5:
dc1ab1eaccbbb8b22ac5808aba7b1a60

SHA-1:
79696ebb84b35b1a51e362679b0788c9cacec010

SHA-256:
a5e4984bd7b17cdb4c88ede1e7ef5d36ca9e34091865b1c50b265ec2777f96f8

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
11/16/2024 2:38:02 AM UTC

Scan engine | Detection | Engine version
Trend Micro House Call | HKTL_CLICKER | 7.2.146
Trend Micro | HKTL_CLICKER | 10.465.26

File size:
148 KB (151,567 bytes)

Product version:
1.00.0001

Original file name:
AHTUxPK.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\ahtuxpk.exe

File PE Metadata
Compilation timestamp:
10/19/2012 5:46:47 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:HTXABqiVIEyIY8QRnaQ7oYQfTphAnAqppP+C+3F9958G:H76arIYTnwthAnAcGC2FD9

Entry address:
0x19FC

Entry point:
68, 88, 77, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 38, 00, 00, 00, 00, 00, 00, 00, 23, 43, 24, C9, 4C, 9E, 14, 4C, 8D, 36, 28, 4B, 92, 47, 7B, 6F, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 30, 32, 30, 34, 33, 30, 41, 48, 54, 55, 78, 50, 4B, 00, 00, 00, 00, 00, FF, CC, 31, 00, 07, 45, AF, C0, 25, AE, 64, 62, 4B, A2, A2, 02, B1, 33, 63, 68, 51, 9A, 5A, E2, 69, 61, B0, 57, 47, BD, C8, A7, 3D, A7, 51, 9D, AA, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00, AA, 00, 60, D3, 93, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
136 KB (139,264 bytes)

The file AHTUxPK.exe has been seen being distributed by the following URL.
