hp.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from s10152.chomikuj.pl and multiple other hosts.
MD5:
4c852b5e46484b5600c309b3867afc9e

SHA-1:
90b593596e5aee153b8c930a0bee81892de9384f

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/15/2024 4:45:41 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.HfsAutoB
1.3.0.4959

File size:
5.2 MB (5,427,200 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\electronic arts\harry potter y la orden del fénix\hp.exe

File PE Metadata
Compilation timestamp:
6/3/2007 6:18:34 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:Pr5BOUpaHN7fEcxS0dd1muWdeo4VdowEwQ8FoXfnUIzHVAHmmUkzpwwKAlCP:PlBOUAN8cXdd4n4+YCVl

Entry address:
0x2F5793

Entry point:
E8, DE, 03, 00, 00, E9, 35, FD, FF, FF, CC, FF, 25, F0, 71, 7B, 00, FF, 25, F4, 71, 7B, 00, CC, CC, CC, CC, CC, CC, 83, 3D, 48, 60, E7, 00, 00, 74, 2D, 55, 8B, EC, 83, EC, 08, 83, E4, F8, DD, 1C, 24, F2, 0F, 2C, 04, 24, C9, C3, 83, 3D, 48, 60, E7, 00, 00, 74, 11, 83, EC, 04, D9, 3C, 24, 58, 66, 83, E0, 7F, 66, 83, F8, 7F, 74, D3, 55, 8B, EC, 83, EC, 20, 83, E4, F0, D9, C0, D9, 54, 24, 18, DF, 7C, 24, 10, DF, 6C, 24, 10, 8B, 54, 24, 18, 8B, 44, 24, 10, 85, C0, 74, 3C, DE, E9, 85, D2, 79, 1E, D9, 1C, 24, 8B...
 
[+]

Code size:
4 MB (4,222,976 bytes)

The file hp.exe has been seen being distributed by the following 8 URLs.

http://s10152.chomikuj.pl/File.aspx?e=NB1TJDZPbPo5_4-xvC4d1CTt3SQSdf7HIS7Oue0x834yCs-tXPb2s3QIpMbpADAbSy1cDrEsxDY88UgV-0soODfyZ0PswiYT1jIfk5y2XjDBHoiJe4MKDd1I4E9fIrrY&pv=2

http://s10152.chomikuj.pl/File.aspx?e=NB1TJDZPbPo5_4-xvC4d1LsfnaGZGvvqCDrIm-SBA53tv4tW6gKSXOQNTlQ0s7B6c02VD2Ve20ImxQLqaA3aDa2FSRNgUiKXGrAlLzfFFwYSoMReu48_M_PRxc78_kWS&pv=2

about:internet

Scan hp.exe - Powered by Reason Core Security