hitmalware.exe

Hit Malware

WeiSiTianYu Software Develop Service Center

This is a setup program which is used to install the application. The file has been seen being downloaded from www.hitmalware.com.
Publisher:
Weskysoft Inc.   (signed by WeiSiTianYu Software Develop Service Center)

Product:
Hit Malware

Version:
1.0

MD5:
585617f05e1ca366289e21e1778d1aef

SHA-1:
54880884f9aca2dff698fce2b48a42adbb4b2a57

SHA-256:
41b5e79cc78eecd45fa274ef21ebc8448831f9fcd5f158681f20459720fa3cef

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/24/2024 11:44:17 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Comodo Security
ApplicUnwnt
16937

ESET NOD32
Win32/Adware.HitMalware
8.8798

Trend Micro House Call
TROJ_GEN.R2SH1EM
7.2.30

VIPRE Antivirus
Trojan.Win32.Generic
21460

File size:
14.4 MB (15,082,584 bytes)

Product version:
1.0

Copyright:
2010

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\hitmalware.exe

Digital Signature
Authority:
WoSign, Inc.

Valid from:
7/28/2010 2:00:00 AM

Valid to:
7/29/2011 1:59:59 AM

Subject:
CN=WeiSiTianYu Software Develop Service Center, OU=WoSign Class 3 Code Signing, O=WeiSiTianYu Software Develop Service Center, L=Beijing, S=Beijing, C=CN

Issuer:
CN=WoSign Code Signing Authority, O="WoSign, Inc.", C=US

Serial number:
00AE328C1100741D85A6AF7D045D09EDB0

File PE Metadata
Compilation timestamp:
6/10/2010 4:33:52 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:P+0IPlD593QV5fDQqooz6zhfN1JrxN6yq1XcWAoz/oLHXm6:2rB3msWz+xrzTdWt+HXm

Entry address:
0x163C4

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 54, 55, 41, 00, E8, 70, 04, FF, FF, 33, C0, 55, 68, 91, 6A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 4D, 6A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, A6, EF, FF, FF, E8, B1, EA, FF, FF, 8D, 55, EC, 33, C0, E8, FB, 87, FF, FF, 8B, 55, EC, B8, A8, D6, 41, 00, E8, A6, EA, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, A8, D6, 41, 00, B2, 01...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
85 KB (87,040 bytes)

The file hitmalware.exe has been seen being distributed by the following URL.

Scan hitmalware.exe - Powered by Reason Core Security