home

HBUALauncher.exe

HB User Agent Launcher

Haedenbridge Co.,LTD

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘HB UA Launcher’.
Publisher:
Haeden Bridge Co., Ltd.  (signed by Haedenbridge Co.,LTD)

Product:
HB User Agent Launcher

Version:
5, 1, 1, 12004

MD5:
9b815ea0d543deb4b8298e2ca301efe8

SHA-1:
0682dd5082a7f574954fc651cd0e3d33aa2732a1

SHA-256:
2b60b14374dac7de7f7b59854e343e3a4ab2db413721d453ed453551017c4ce2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 9:52:37 AM UTC  (today)

File size:
2.3 MB (2,439,536 bytes)

Product version:
5, 1, 1, 12004

Copyright:
Copyright (c) 2002-2012 Haeden Bridge Co., Ltd. All rights reserved.

Original file name:
HBUALauncher.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\haedenbridge\hbuseragent\hbualauncher.exe

Digital Signature
Signed by:
Haedenbridge Co.,LTD

Authority:
Thawte, Inc.

Valid from:
11/21/2014 9:00:00 AM

Valid to:
1/20/2017 8:59:59 AM

Subject:
CN="Haedenbridge Co.,LTD", OU=Engine Development, O="Haedenbridge Co.,LTD", L=Seongdong-gu, S=SEOUL, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
71D2AF566A660AC32012C84092AD42AB

File PE Metadata
Compilation timestamp:
11/2/2015 10:41:12 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
49152:REkuGYNvODAF1wT85zAR7koOcXbYoKSYmvwOw8jV2vDH:ukpYNvOD+qT8aR7koOMkoKSYmv3h2T

Entry address:
0x136494

Entry point:
E8, 12, E3, 00, 00, E9, 7B, FE, FF, FF, 55, 8B, EC, 5D, E9, 00, 00, 00, 00, 55, 8B, EC, 6A, 0A, 6A, 00, FF, 75, 08, E8, 36, E6, 00, 00, 83, C4, 0C, 5D, C3, 55, 8B, EC, 56, E8, 95, AB, 00, 00, 8B, B0, 80, 00, 00, 00, E8, 8A, AB, 00, 00, 8B, 4D, 08, 89, 88, 80, 00, 00, 00, 8B, C6, 5E, 5D, C3, 55, 8B, EC, FF, 15, DC, 11, 57, 00, 6A, 01, A3, 4C, 20, 5E, 00, E8, 12, E6, 00, 00, FF, 75, 08, E8, 79, E9, 00, 00, 83, 3D, 4C, 20, 5E, 00, 00, 59, 59, 75, 08, 6A, 01, E8, F8, E5, 00, 00, 59, 68, 09, 04, 00, C0, E8, 47...
 
[+]

Entropy:
5.9033

Code size:
1.4 MB (1,504,256 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
HB UA Launcher

Command:
C:\Program Files\haedenbridge\hbuseragent\hbualauncher.exe


Scan HBUALauncher.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.