home

HyperHQ.exe

HyperHQ

HyperSpin-FE.com

The executable HyperHQ.exe has been detected as malware by 18 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dc204.4shared.com and multiple other hosts.
Publisher:
HyperSpin-FE.com

Product:
HyperHQ

Version:
1.1.0.0

MD5:
b7d2768edfef99e5de594ed7e1393bbf

SHA-1:
d2a400b4c8d4d767a2adde086664c505ae3551a0

SHA-256:
8cf95eec254641406001617841d647935c46a0b013d8df4ad067c51ddc9d56ef

Scanner detections:
18 / 68

Status:
Malware

Analysis date:
11/5/2024 7:09:33 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Rogue.1497634
8.3.2.2

avast!
Win32:Dropper-gen [Drp]
2014.9-151122

AVG
VBCrypt
2016.0.2917

Bkav FE
HW32.Packed
1.3.0.7383

Clam AntiVirus
Win.Trojan.Generickd-1801
0.98/21511

Dr.Web
BACKDOOR.Trojan
9.0.1.0326

IKARUS anti.virus
Trojan.VBCrypt
t3scan.1.9.5.0

K7 AntiVirus
Riskware
13.212.17693

McAfee
Artemis!B7D2768EDFEF
5600.6573

nProtect
Worm/W32.WBNA.5157149
15.10.29.01

Qihoo 360 Security
Win32/Trojan.166
1.0.0.1015

Rising Antivirus
PE:Malware.Generic/QRS!1.9E2D [F]
23.00.65.151120

Sophos
Mal/Generic-S
4.98

Trend Micro
TROJ_GEN.R047C0EGD15
10.465.22

Vba32 AntiVirus
Worm.WBNA
3.12.26.4

VIPRE Antivirus
Trojan.Win32.Generic
44896

ViRobot
Worm.Win32.A.WBNA.5157149[h]
2014.3.20.0

Zillya! Antivirus
Worm.WBNA.Win32.248955
2.0.0.2480

File size:
4.9 MB (5,157,149 bytes)

Product version:
1.1.0.0

Copyright:
Copyright HyperSpin-FE.com

Original file name:
HyperHQ.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
2/2/2010 1:50:45 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:xi/72YXperMaugtFV1b4LQgCK5HDpVdnSWAG1TyEIGpLCJc3oVTMU:risugTaCCVdS/zS3oqU

Entry address:
0x1BA008

Entry point:
EB, 16, 8B, 15, 00, A0, 5B, 00, FF, 32, 8F, 05, 00, A0, 5B, 00, EB, 06, 8F, 05, 00, A0, 5B, 00, B8, 04, 80, 5B, 00, 83, 38, 00, 74, 20, 50, FF, 70, 04, FF, 30, 50, 83, 04, 24, 08, E8, E6, 09, 00, 00, 83, C4, 0C, 58, 8B, 10, C1, E2, 02, 01, D0, 83, C0, 08, EB, DB, E9, 89, 12, 00, 00, 56, 69, 72, 74, 75, 61, 6C, 50, 72, 6F, 74, 65, 63, 74, 00, 00, 00, 00, 00, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 6B, 65, 72, 6E, 65, 6C, 33, 32, 00, 00, 00, 00, 4C, 6F, 63, 61, 6C, 41, 6C, 6C, 6F, 63, 00, 00...
 
[+]

Entropy:
7.9002  (probably packed)

Code size:
424 KB (434,176 bytes)

The file HyperHQ.exe has been seen being distributed by the following 2 URLs.

http://dc204.4shared.com/download/.../hyperhq.exe

http://dc318.4shared.com/download/.../hyperhq.exe

Remove HyperHQ.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.