» hss-5.1.5-install-plain-781-plain.exe
Overview
Analysis
File Details
Downloads (1)

hss-5.1.5-install-plain-781-plain.exe

Hotspot Shield

The application hss-5.1.5-install-plain-781-plain.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from l.gohss.co.

File name:

Product:

Hotspot Shield

Version:

5.1.5.9478

MD5:

62adcf3c6f8e785f94e3035f918222fd

SHA-1:

0beb8ebcbc96d70d8e85bdf02db43a29a684b98b

SHA-256:

201371cdf5a414069f51eb1371f3e0b97e70a07d925b06dd2cb783dbee6951b7

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/5/2024 8:22:02 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.HotspotShield.Installer.Meta (L)

16.6.29.1

File size:

13.6 MB (14,283,592 bytes)

Product version:

5.1.5.9478

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\hss-5.1.5-install-plain-781-plain.exe

File PE Metadata

Compilation timestamp:

12/27/2015 9:25:41 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

393216:g0SkKTTRRuyH/cxJySHnlJ9DIksXLJoYaPyX+ak:zCFRuyGHnr9MksiY1o

Entry address:

0x327D

Entry point:

0F, AF, F1, 49, F7, C3, 90, FD, 0B, A8, 12, E6, 0C, 78, 0C, 6F, 69, D9, C1, 9D, F4, 26, 8B, E8, 87, DD, 86, C3, 80, D0, BE, C6, C0, 6A, 8D, 1D, 87, D9, 78, 15, 8B, FD, 35, 1B, C4, 26, DA, 0F, AF, C6, 18, D7, 8D, 1D, 51, 89, 17, 94, 57, 18, CF, 21, FD, 8B, F0, 5A, F6, C5, E5, FF, CB, 88, E0, B7, 78, 2B, CA, F6, C6, 9B, 1C, 73, C7, C1, BE, 93, AD, 26, F7, C1, 8A, 96, 29, 78, 8D, 35, A3, 7D, E3, F4, 8D, 0D, 41, 0F, 5E, 87, 0F, BE, CF, 14, 5B, 8D, 05, BB, 89, 38, 14, 53, 68, C6, C6, C1, 00, 28, EB, 8D, 0D, F0... 
[+]

Entropy:

7.9964 (probably packed)

Code size:

24.5 KB (25,088 bytes)

The file hss-5.1.5-install-plain-781-plain.exe has been seen being distributed by the following URL.

http://l.gohss.co/welcome-windows

Remove hss-5.1.5-install-plain-781-plain.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.