bhoenabler.exe

Zhang Ling

The application bhoenabler.exe by Zhang Ling has been detected as adware by 7 anti-malware scanners.
Publisher:
Zhang Ling  (signed and verified)

MD5:
7519dcdfd4c813d7eebbfe05fe53c8c1

SHA-1:
f6b75026f6fb13b23d842e309f5c50b88098c1e9

Scanner detections:
7 / 68

Status:
Adware

Analysis date:
12/25/2024 12:05:01 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Zhangling
2016.0.3229

Baidu Antivirus
Adware.Win32.ELEX
4.0.3.15115

ESET NOD32
Win32/ELEX.AR
9.10120

Reason Heuristics
PUP.ZhangLing.K
15.1.15.8

Trend Micro House Call
Suspicious_GEN.F47V0712
7.2.15

Vba32 AntiVirus
AdWare.Agent
3.12.26.3

VIPRE Antivirus
Trojan.Win32.Generic
31396

File size:
116.9 KB (119,688 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\suptab\bhoenabler.exe

Digital Signature
Signed by:

Authority:
WoSign CA Limited

Valid from:
6/6/2014 5:29:18 AM

Valid to:
6/6/2015 5:29:18 AM

Subject:
CN=Zhang Ling, E=chloezhangling@gmail.com, L=北京市, S=北京市, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
07DAC38DB37E09DF8C8634065592DFE3

File PE Metadata
Compilation timestamp:
1/2/2014 3:19:16 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
1536:IzNPGzSgJq837k92V/TP2qlQ+HceRsWjcdU8bvcfQAG0d2scmq5hObaM:Q8LR5b2qlQ+ZeU6vcfQAoscmqTm

Entry address:
0x69A5

Entry point:
E8, 14, 27, 00, 00, E9, 7F, FE, FF, FF, CC, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, 74, 82, 41, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, C8, 70, 41, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, 74, 82, 41, 00, 00, 0F, 83, A7, 01, 00, 00, F7, C7, 03, 00, 00, 00, 0F, 85, B8, 01, 00, 00, F7, C6, 03, 00, 00...
 
[+]

Code size:
53 KB (54,272 bytes)

Remove bhoenabler.exe - Powered by Reason Core Security