home

hlc_1_setup.exe

The executable hlc_1_setup.exe has been detected as malware by 10 anti-virus scanners. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from s6233.chomikuj.pl and multiple other hosts.
MD5:
119c347aaf83734cdf97acca3703b8c1

SHA-1:
08e3a2be22979860b664b9e05db777ffa08584ce

SHA-256:
4e1c48b9b8ed2d81e267d0a5a6a4f9a150c79abc30d9b21c42433406f2aa2d24

Scanner detections:
10 / 68

Status:
Malware

Analysis date:
11/23/2024 10:00:36 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.Clod3c2.Trojan
1.3.0.4959

Comodo Security
TrojWare.Win32.Trojan.Agent.~LUQ
19449

F-Prot
W32/TrojanX.CSIM
v6.4.7.1.166

K7 AntiVirus
Password-Stealer
13.183.13286

Malwarebytes
Worm.Magania
v2014.09.16.07

Norman
Suspicious_Gen2.CGSHN
11.20140916

nProtect
Trojan/W32.Agent.1280303
14.09.07.01

Rising Antivirus
PE:Trojan.Win32.Generic.1276D81A!309778458
23.00.65.14914

VIPRE Antivirus
Trojan.Win32.Generic
32906

ViRobot
Trojan.Win32.PSWMagania.163840
2011.4.7.4223

File size:
1.2 MB (1,280,303 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:4NwAuOBwuRkhUrQsEnvR9YkE6vGoFEllf6A4DhLFzKJR/4Pwvk+OQRsXOV:4SJOBnRk6rQ7p9YP6El0AsLFzMccc2sy

Entry address:
0xE840

Entry point:
55, 8B, EC, 83, C4, F4, B8, 88, E7, 40, 00, E8, 94, 54, FF, FF, E8, 77, FC, FF, FF, E8, 66, 45, FF, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
54.5 KB (55,808 bytes)

The file hlc_1_setup.exe has been seen being distributed by the following 3 URLs.

http://s6233.chomikuj.pl/File.aspx?e=uhFw0aiIHxqb0lpICrnNIfbhJ4KnAFNHl3fpRSqIdoAsqKaWaBLlASzX5rAQ8DwItJsKuzrNSEPMzUePATDNfqR7vL3z6q8o0B5tIx6mtXZn39uP2v7HQpuNk4xbIAqAt9waKL6uCWWoeRDJlFxIuw&pv=2

http://www67.zippyshare.com/d/69965786/.../HLC_1_setup.exe

http://www67.zippyshare.com/d/69965786/.../HLC_1_setup.exe

Remove hlc_1_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.