home

Boxore.exe

Boxore

Boxore OU

The application Boxore.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. While running, it connects to the Internet address ns04.hiwit.net on port 80 using the HTTP protocol.
Publisher:
Boxore OU

Product:
Boxore

Version:
5, 5, 0, 0

MD5:
ace99a20052123ec49fea25acbbb49c6

SHA-1:
c6620ba7a7e4fffd8ed605004ad1f7807e8feab8

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/5/2025 9:04:09 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Boxore.BoxoreOU.Meta
15.6.15.9

File size:
1.5 MB (1,527,296 bytes)

Product version:
5, 5, 0, 0

Original file name:
Boxore.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\boxore\boxore client\boxore.exe

File PE Metadata
Compilation timestamp:
11/17/2014 11:27:39 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
24576:BXpQBXnVIp4pZTAr1HAiDAQMW6+RTEYuoeiO7xD4YHfNMn+dNjDZfb:ExVGsCAihMW6wslfSn+dNjDZT

Entry address:
0xDE9D4

Entry point:
E8, C5, FD, 00, 00, E9, 39, FE, FF, FF, 83, 25, 64, C3, 55, 00, 00, C3, 55, 8B, EC, 51, A1, 54, C3, 55, 00, 83, 65, FC, 00, 33, 05, D0, 6E, 55, 00, 74, 12, 6A, 00, 8D, 4D, FC, 51, FF, D0, 83, F8, 7A, 75, 05, 33, C0, 40, EB, 02, 33, C0, 8B, E5, 5D, C3, 55, 8B, EC, A1, 0C, C3, 55, 00, 33, 05, D0, 6E, 55, 00, 74, 05, FF, 75, 08, FF, D0, 5D, C3, 55, 8B, EC, A1, 18, C3, 55, 00, 33, 05, D0, 6E, 55, 00, 74, 05, FF, 75, 08, FF, D0, 5D, C3, 55, 8B, EC, A1, F4, C2, 55, 00, 33, 05, D0, 6E, 55, 00, 74, 10, FF, 75, 14...
 
[+]

Code size:
1.2 MB (1,222,144 bytes)

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to ns04.hiwit.net  (194.150.236.156:80)

Remove Boxore.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.