home

interhop.exe

Xiaodong Wang

The application interhop.exe by Xiaodong Wang has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a windows Service named “InterHop”.
Publisher:
Xiaodong Wang  (signed and verified)

MD5:
b31a7b5e6b4c566cc3ddc26831c8120e

SHA-1:
667c29902a29b82566e1c189e7354da9e5c79d34

SHA-256:
93b8ef13e6b86f73da19154fd0f3a62630d3fc713d99a5bb2cff274fa70dd513

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/6/2024 10:36:33 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.InterHop (M)
16.10.4.12

File size:
434.2 KB (444,648 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\interhop\interhop.exe

Digital Signature
Signed by:
Xiaodong Wang

Authority:
thawte, Inc.

Valid from:
9/18/2016 3:00:00 AM

Valid to:
8/9/2017 2:59:59 AM

Subject:
CN=Xiaodong Wang, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
0A4376BB30B80CD104AC42B125DE050A

File PE Metadata
Compilation timestamp:
9/18/2016 9:36:55 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

CTPH (ssdeep):
12288:ng9K9picjH6D8Z4xMmUF+choF0LtqM5NBq:ng9K9vH6D8ZEY+60P

Entry address:
0xA39C4

Entry point:
9C, C7, 04, 24, BC, 09, 91, 47, 60, 9C, C7, 44, 24, 20, 9A, BB, 3F, EA, 60, 57, C6, 44, 24, 04, 69, 8D, 64, 24, 44, E9, 84, 9B, 05, 00, B9, 32, E0, 98, D6, 72, C4, AE, F0, 7C, 2A, 7A, 28, DA, 78, 80, EA, 88, 5E, 86, 50, 8A, 58, E1, 29, 4E, 5F, 25, F7, 95, C2, 68, E2, 0E, 5C, D0, 2E, 78, 80, 9E, BF, D3, 47, E1, 60, AE, DB, 78, D6, 4E, F8, 32, 2C, BA, 95, D3, 33, 8E, F0, 68, 17, 6B, 05, E1, A8, 54, E6, F8, 2A, 94, 42, F3, 43, 70, 7B, 9E, D9, 11, 36, FE, 60, EE, 95, DD, 93, 53, 35, A8, B5, FD, 04, 16, E6, 88...
 
[+]

Code size:
274.5 KB (281,088 bytes)

Service
Display name:
InterHop

Type:
Win32OwnProcess, InteractiveProcess


Remove interhop.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.