interhop.exe

Xiaodong Wang

The application interhop.exe by Xiaodong Wang has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Xiaodong Wang  (signed and verified)

MD5:
6987279590496e7c8f885ca0b3e72f14

SHA-1:
004c0b725823db94642f60ec0597230c0ab6b978

SHA-256:
b2801d49eb98a4bca39b43cb469ef35bd4833518404078ca7581ce84f0beb045

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/6/2024 10:32:22 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.InterHop (M)
16.9.25.22

File size:
434.2 KB (444,648 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\interhop\interhop.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
9/17/2016 9:00:00 PM

Valid to:
8/8/2017 8:59:59 PM

Subject:
CN=Xiaodong Wang, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
0A4376BB30B80CD104AC42B125DE050A

File PE Metadata
Compilation timestamp:
9/18/2016 3:36:55 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

CTPH (ssdeep):
12288:ng9K9picjH6D8Z4xMmUF+choF0LtqM5NBq:ng9K9vH6D8ZEY+60P

Entry address:
0xA39C4

Entry point:
9C, C7, 04, 24, BC, 09, 91, 47, 60, 9C, C7, 44, 24, 20, 9A, BB, 3F, EA, 60, 57, C6, 44, 24, 04, 69, 8D, 64, 24, 44, E9, 84, 9B, 05, 00, B9, 32, E0, 98, D6, 72, C4, AE, F0, 7C, 2A, 7A, 28, DA, 78, 80, EA, 88, 5E, 86, 50, 8A, 58, E1, 29, 4E, 5F, 25, F7, 95, C2, 68, E2, 0E, 5C, D0, 2E, 78, 80, 9E, BF, D3, 47, E1, 60, AE, DB, 78, D6, 4E, F8, 32, 2C, BA, 95, D3, 33, 8E, F0, 68, 17, 6B, 05, E1, A8, 54, E6, F8, 2A, 94, 42, F3, 43, 70, 7B, 9E, D9, 11, 36, FE, 60, EE, 95, DD, 93, 53, 35, A8, B5, FD, 04, 16, E6, 88...
 
[+]

Code size:
274.5 KB (281,088 bytes)

Remove interhop.exe - Powered by Reason Core Security