hidemyipsrv.exe

HideMyIpSRV.exe

My Privacy Tools, Inc.

The executable hidemyipsrv.exe has been detected as malware by 3 anti-virus scanners. It runs as a separate Windows service (within the context of its own process) named “HideMyIpSRV”.

Publisher:
Hide My IP (signed by My Privacy Tools, Inc.)

Product:
HideMyIpSRV.exe

Version:
3.0.0.16

MD5:
786d43f51acdfcb073220bc3c9d22f24

SHA-1:
e681317792843f3bd11de56dcf6c2327a582a9b6

SHA-256:
2a71d46dcfa5e8c9843f18f3c49f228d3716afd7daa2d236702b22805edf3bb8

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
11/23/2024 5:00:50 PM UTC

Scan engine | Detection | Engine version
AVG | Win32/Floxif.A | 2013.0.4447
ESET NOD32 | Win32/Floxif.H virus | 6.3
F-Prot | W32/Floxif.B | 4.6.5.141

File size:
3.9 MB (4,048,911 bytes)

Product version:
3.0.0.16

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\hide my ip 6\hidemyipsrv.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
1/20/2016 6:00:00 AM

Valid to:
3/27/2016 5:59:59 AM

Subject:
CN="My Privacy Tools, Inc.", O="My Privacy Tools, Inc.", STREET=7770 Regents Rd 113-644, L=San Diego, S=CA, PostalCode=92122, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00911040C809AAEE9A1F2F8DD9927C9E96

File PE Metadata
Compilation timestamp:
2/28/2016 11:54:23 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:ZJgXyaoj8S/htbCK4UxQP7Ond2IpAOWMeZ26TYY76rtaPuVjnfCwz:UfEOoxPnd9AOWDx76rtXVj3

Entry address:
0x1A4733

Entry point:
E9, 3D, A3, F6, FF, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 6A, 0A, 6A, 00, FF, 75, 08, E8, F1, 45, 01, 00, 83, C4, 0C, 5D, C3, 8B, FF, 55, 8B, EC, FF, 75, 0C, 6A, 0A, 6A, 00, FF, 75, 08, E8, 03, 46, 01, 00, 83, C4, 10, 5D, C3, 8B, FF, 55, 8B, EC, 5D, E9, C6, FF, FF, FF, 8B, FF, 55, 8B, EC, 5D, E9, D1, FF, FF, FF, 8B, FF, 55, 8B, EC, 6A, 0A, 6A, 00, FF, 75, 08, E8, F1, 48, 01, 00, 83, C4, 0C, 5D, C3, 8B, FF, 55, 8B, EC, FF, 75, 0C, 6A, 0A, 6A, 00, FF, 75, 08, E8, 03, 49, 01, 00, 83, C4, 10, 5D, C3, 8B, FF...
 

Entropy:
5.9482

Packer / compiler:
Xtreme-Protector v1.05

Code size:
3 MB (3,152,384 bytes)

Service
Display name:
HideMyIpSRV

Description:
HideMyIpSRV's Redirector service

Type:
Win32OwnProcess

Depends on:
RPCSS

