hss-5.1.5-install-plain-781-plain.exe

Hotspot Shield

The application hss-5.1.5-install-plain-781-plain.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from l.gohss.co.
Product:
Hotspot Shield

Version:
5.1.5.9478

MD5:
62adcf3c6f8e785f94e3035f918222fd

SHA-1:
0beb8ebcbc96d70d8e85bdf02db43a29a684b98b

SHA-256:
201371cdf5a414069f51eb1371f3e0b97e70a07d925b06dd2cb783dbee6951b7

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 2:19:32 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.HotspotShield.Installer.Meta (L)
16.6.29.1

File size:
13.6 MB (14,283,592 bytes)

Product version:
5.1.5.9478

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\hss-5.1.5-install-plain-781-plain.exe

File PE Metadata
Compilation timestamp:
12/27/2015 9:25:41 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
393216:g0SkKTTRRuyH/cxJySHnlJ9DIksXLJoYaPyX+ak:zCFRuyGHnr9MksiY1o

Entry address:
0x327D

Entry point:
0F, AF, F1, 49, F7, C3, 90, FD, 0B, A8, 12, E6, 0C, 78, 0C, 6F, 69, D9, C1, 9D, F4, 26, 8B, E8, 87, DD, 86, C3, 80, D0, BE, C6, C0, 6A, 8D, 1D, 87, D9, 78, 15, 8B, FD, 35, 1B, C4, 26, DA, 0F, AF, C6, 18, D7, 8D, 1D, 51, 89, 17, 94, 57, 18, CF, 21, FD, 8B, F0, 5A, F6, C5, E5, FF, CB, 88, E0, B7, 78, 2B, CA, F6, C6, 9B, 1C, 73, C7, C1, BE, 93, AD, 26, F7, C1, 8A, 96, 29, 78, 8D, 35, A3, 7D, E3, F4, 8D, 0D, 41, 0F, 5E, 87, 0F, BE, CF, 14, 5B, 8D, 05, BB, 89, 38, 14, 53, 68, C6, C6, C1, 00, 28, EB, 8D, 0D, F0...
 
[+]

Entropy:
7.9964  (probably packed)

Code size:
24.5 KB (25,088 bytes)

The file hss-5.1.5-install-plain-781-plain.exe has been seen being distributed by the following URL.

Remove hss-5.1.5-install-plain-781-plain.exe - Powered by Reason Core Security