» hltv.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (2)
Downloads (1)

hltv.exe

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Umyqnaokq’. The file has been seen being downloaded from www.grabconceptsquick.com.

File name:

hltv.exe

MD5:

055e96aa9594edb66083d04cc1cbad1f

SHA-1:

3d38ae07103893c1b7175450c07a0dcd6d992f01

SHA-256:

ee961e92ad4f21f2180e880c05620c4c651170bd8d906a75b56b3b3f3c2d4182

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/24/2024 6:56:55 PM UTC (today)

File size:

216 KB (221,184 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\hltv.exe

Registration

CLSIDs:

{1D6322AD-AA85-4EF5-A828-86D71067D145}, {4C1FC63A-695C-47E8-A339-1A194BE3D0B8}, {641ABA69-56FD-4029-A445-4D8375D3A699}, {812F944A-C5C8-4CD9-B0A6-B3DA802F228D}, {84302F97-7F7B-4040-B190-72AC9D18E420}, {8A9B1CDD-FCD7-419c-8B44-42FD17DB1887}

COM registered:

Yes

File PE Metadata

OS bitness:

Win64

Startup File (User Run)

Registry location:

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

Umyqnaokq

Command:

C:\users\{user}\appdata\roaming\lukub\foid.exe

The file hltv.exe has been discovered within the following programs.

Cyberoam Client for Corporate by eLitecore

www.cyberoam.com

About 6% of users remove it

Natural Selection 2 by Unknown Worlds Entertainment

www.naturalselection2.com

About 8% of users remove it

The file hltv.exe has been seen being distributed by the following URL.

http://www.grabconceptsquick.com/.../installer.exe

Scan hltv.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.