home

hostgva.exe

Java corporate

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘99HTJ3KH’.
Publisher:
Java corporate  (signed and verified)

Version:
1.0.0.0

MD5:
14a866f77d33d79746c179bb2c8679ed

SHA-1:
33f225dc5f278c5bb30aa065514c8d848c588fed

SHA-256:
ba054847606e9cf76d405460850ceac62992a3884702a8cf117c20f582074450

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/26/2024 10:13:10 PM UTC  (today)

File size:
3.3 MB (3,425,448 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\hostgva.exe

Digital Signature
Signed by:
Java corporate

Authority:
Java corporate

Valid from:
3/14/2017 9:46:27 AM

Valid to:
3/14/2018 9:46:27 AM

Subject:
CN=Java corporate, O=Java corporate, C=BR

Issuer:
CN=Java corporate, O=Java corporate, C=BR

Serial number:
01

File PE Metadata
Compilation timestamp:
3/15/2017 8:42:09 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x8C5000

Entry point:
EB, 04, 68, D9, 9F, D2, 50, EB, 03, E9, 77, 1E, E8, 16, 00, 00, 00, EB, 04, 63, 15, 02, 55, EB, 02, 10, 41, 33, C0, EB, 03, 08, 74, CE, 71, 61, EB, 01, F7, EB, 01, 0F, B8, 34, 48, 36, F7, EB, 04, 10, 98, 1A, 9B, EB, 03, BF, A8, D4, 05, CC, B7, C9, 08, EB, 02, 1B, 1D, 75, 40, EB, 03, 9A, CC, D9, 64, FF, 30, EB, 05, EA, 61, CA, C6, CD, 64, 89, 20, EB, 04, 69, F3, 1C, F0, EB, 02, A9, 3C, 8B, 10, EB, 02, D1, B9, 64, 8F, 00, EB, 04, 18, 88, 40, 91, 83, C4, 04, EB, 01, DB, 58, EB, 05, 1A, 8A, DF, 79, 0D, C3, EB...
 
[+]

Code size:
4.8 MB (5,058,560 bytes)

2 Startup Files (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
99HTJ3KH

Command:
C:\users\{user}\appdata\local\hostgva.exe

Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
IHJ45DJ3

Command:
C:\users\{user}\appdata\local\hostgva.exe


Scan hostgva.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.