home

HipsTray.exe

Huorong Internet Security

HuoRongBoRui (Beijing) Technology Co.,Ltd

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Sysdiag’.
Publisher:
Beijing Huorong Network Technology Co., Ltd.  (signed by HuoRongBoRui (Beijing) Technology Co.,Ltd)

Product:
Huorong Internet Security

Description:
Huorong Internet Security Tray

Version:
0, 1, 0, 80

MD5:
2013e54db07fc034204e71a5af7bf25f

SHA-1:
66819d6bd75c679133ff7333179bb6a4c8247cf7

SHA-256:
11d65c049396c7a601f250425e424e74c3127c53abe2c24ace8631f129622d6a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 1:02:38 PM UTC  (today)

File size:
1.3 MB (1,327,232 bytes)

Product version:
4.0.0.0

Copyright:
Beijing Huorong Network Technology Co., Ltd.

Original file name:
HipsTray.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\huorong\sysdiag\bin\hipstray.exe

Digital Signature
Signed by:
HuoRongBoRui (Beijing) Technology Co.,Ltd

Authority:
VeriSign, Inc.

Valid from:
5/25/2015 8:00:00 AM

Valid to:
6/24/2018 7:59:59 AM

Subject:
CN="HuoRongBoRui (Beijing) Technology Co.,Ltd", O="HuoRongBoRui (Beijing) Technology Co.,Ltd", L=beijing, S=beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
705BAFA86C31B25B22F23B09AB056BCF

File PE Metadata
Compilation timestamp:
3/16/2017 4:19:43 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

Entry address:
0x5C61A

Entry point:
E8, 16, 05, 00, 00, E9, 5C, FE, FF, FF, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 53, 56, 6A, 17, E8, 72, D2, 03, 00, 85, C0, 74, 05, 8B, 4D, 08, CD, 29, 33, F6, 8D, 85, DC, FC, FF, FF, 68, CC, 02, 00, 00, 56, 50, 89, 35, 7C, 9B, 4D, 00, E8, 17, 08, 00, 00, 83, C4, 0C, 89, 85, 8C, FD, FF, FF, 89, 8D, 88, FD, FF, FF, 89, 95, 84, FD, FF, FF, 89, 9D, 80, FD, FF, FF, 89, B5, 7C, FD, FF, FF, 89, BD, 78, FD, FF, FF, 66, 8C, 95, A4, FD, FF, FF, 66, 8C, 8D, 98, FD, FF, FF, 66, 8C, 9D, 74, FD, FF, FF, 66, 8C, 85, 70, FD...
 
[+]

Entropy:
6.0797

Code size:
648 KB (663,552 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Sysdiag

Command:
"C:\Program Files\huorong\sysdiag\bin\hipstray.exe"


Scan HipsTray.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.