home

HypeNet.FirstRun.exe

FirstRun

HypeNet

The Yontoo branded FirstRun executable is distributed as part of a Yontoo product bundle and is desigend to install components of this ad-supported (injection) program as well as 'call home' to inform the server that the extension was installed and may request additional instructions. The application HypeNet.FirstRun.exe by HypeNet has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
HypeNet  (signed and verified)

Product:
FirstRun

Version:
1.0.0.0

MD5:
ff89cb1954a5c19378108c7eea104189

SHA-1:
aecb1e6d3e494788f748915dfbdc88b9f2028c8d

SHA-256:
548803e657ad5bccf1cf2a57730a25b4091398c64373c5c44a38bbb52211ceca

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Part of the Yontoo ad injection web browser add-on.

Analysis date:
11/23/2024 8:03:10 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Yontoo (M)
17.3.11.16

File size:
1.7 MB (1,757,464 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2014

Original file name:
HypeNet.FirstRun.exe

File type:
Executable application (Win32 EXE)

Language:
Neovisno o jeziku

Common path:
C:\Program Files\hypenet\hypenet.firstrun.exe

Digital Signature
Signed by:
HypeNet

Authority:
VeriSign, Inc.

Valid from:
1/9/2014 1:00:00 AM

Valid to:
1/10/2015 12:59:59 AM

Subject:
CN=HypeNet, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=HypeNet, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1FBAF70F51194AE01BD4FAB2931DA43A

File PE Metadata
Compilation timestamp:
3/11/2014 5:50:34 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

Entry address:
0x1ACD1E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.7 MB (1,748,480 bytes)

Remove HypeNet.FirstRun.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.