ihpul.exe

Wenchao Zhang

The application ihpul.exe by Wenchao Zhang has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
TSvr  (signed by Wenchao Zhang)

Product:
TSvr

Version:
3.0.0.27

MD5:
f4e04b701c4757a1b4921c8e63634ab7

SHA-1:
dd1ba197109d31f2035bd2840e4d9ebc4695f9d1

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 5:31:29 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Elex (M)
16.7.26.2

File size:
938.2 KB (960,728 bytes)

Copyright:
Copyroght (c) 2011-2016 tsvr.com

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\clkaphnozother\ihpul.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
6/27/2016 3:00:00 AM

Valid to:
6/9/2017 2:59:59 AM

Subject:
CN=Wenchao Zhang, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
221318A741FC08D36E03B7D7459DF07E

File PE Metadata
Compilation timestamp:
3/22/2010 2:58:57 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:OoVikp7/ZQRrqq77XKJsiKy8DUqvSlfTLIQPIkk75UlFZD:OC/q5znXKJwCqvNkXFZ

Entry address:
0x1154

Entry point:
E9, F7, 56, 00, 00, E9, 32, 96, 00, 00, E9, 5D, D5, 00, 00, E9, 78, 9A, 00, 00, E9, D3, 95, 00, 00, E9, EE, AA, 00, 00, E9, 69, 9B, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC...
 
[+]

Entropy:
7.9118

Packer / compiler:
Xtreme-Protector v1.05

Code size:
59.5 KB (60,928 bytes)

Remove ihpul.exe - Powered by Reason Core Security