home

hhupd.exe

Microsoft Windows NT Operating System

Test Company

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The application hhupd.exe, “Win32 Cabinet Self-Extractor ” by Test Company has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Microsoft Corporation  (signed by Test Company)

Product:
Microsoft(R) Windows NT(R) Operating System

Description:
Win32 Cabinet Self-Extractor

Version:
4.71.1015.0

MD5:
4ca8f8b70e8982bb202819db9ffd6128

SHA-1:
41f1335ca160d382f21bffb858a969113aa82c79

SHA-256:
65cb13d77266ca80aad837de87478a6c883c73549c9b85a4d601ba4b5d2f6938

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
2/25/2025 6:11:08 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.TestComp (M)
16.4.30.20

File size:
393.4 KB (402,856 bytes)

Product version:
4.71.1015.0

Copyright:
Copyright (C) Microsoft Corp. 1995

Original file name:
WEXTRACT.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\sds\unimech32\help\hhupd.exe

Digital Signature
Signed by:
Test Company

Authority:
Root Agency

Valid from:
6/19/1998 6:56:40 AM

Valid to:
1/1/2040 8:59:59 AM

Subject:
CN=Test Company

Issuer:
CN=Root Agency

Serial number:
B7C7B64FC0001A8C11D206F735FDEA4E

File PE Metadata
Compilation timestamp:
7/15/1997 8:48:12 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:mFfDAEl3dJDyndNNiB1Q+yeK9u6NA9hPyYYQmRuiZh9QU5sZo4nQ9lu98i:e7JDyfNi9QGbPKvuU5sZWq7

Entry address:
0x2723

Entry point:
55, 8B, EC, 83, EC, 44, 56, FF, 15, 58, 11, 00, 01, 8B, F0, 8A, 06, 3C, 22, 75, 14, 8A, 46, 01, 46, 84, C0, 74, 04, 3C, 22, 75, F4, 80, 3E, 22, 75, 0D, 46, EB, 0A, 3C, 20, 7E, 06, 46, 80, 3E, 20, 7F, FA, 8A, 06, 84, C0, 74, 07, 3C, 20, 7F, 03, 46, EB, F3, 83, 65, E8, 00, 8D, 45, BC, 50, FF, 15, CC, 10, 00, 01, F6, 45, E8, 01, 74, 06, 0F, B7, 45, EC, EB, 03, 6A, 0A, 58, 50, 56, 6A, 00, 6A, 00, FF, 15, C8, 10, 00, 01, 50, E8, 0E, 00, 00, 00, 8B, F0, 56, FF, 15, C4, 10, 00, 01, 8B, C6, 5E, C9, C3, 56, 33, F6...
 
[+]

Entropy:
7.8357

Developed / compiled with:
Microsoft Visual C++

Code size:
36 KB (36,864 bytes)

Remove hhupd.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.