home

mhotspot_setup_latest.exe

mHotspot

1BN Software & IT Solutions Pvt. Ltd.

The application mhotspot_setup_latest.exe, “mHotspot Setup ” has been detected as a potentially unwanted program by 4 anti-malware scanners. This is a self-extracting archive and installer, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from www.mhotspot.com.
Publisher:
1BN Software & IT Solutions Pvt. Ltd.

Product:
mHotspot

Description:
mHotspot Setup

Version:
7.8.8.0

MD5:
78c81ab8c6109b5cd1fcff8b196cda0f

SHA-1:
eaa33ea0a78ee0fe71ddd3cb0e9a5099ddbcb9c0

SHA-256:
119d0f14b4ea979afb224de77e52d643351e395370fa49787d1eda08ad195706

Scanner detections:
4 / 68

Status:
Potentially unwanted

Analysis date:
11/28/2024 9:01:10 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Dropper-NVQ [PUP]
160518-2

ESET NOD32
Win32/Virut.NBP virus
8.0.319.0

F-Prot
W32/Virut.C.gen
4.6.5.141

Microsoft Security Essentials
Threat.Undefined
1.225.67.0

File size:
1.8 MB (1,905,381 bytes)

Product version:
7.8.8.0

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\mhotspot_setup_latest.exe

File PE Metadata
Compilation timestamp:
10/10/1985 3:10:29 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:i4ZvQw9aNEjbOvJxASqChXRR/Cd+HGpfI:i41Q6oEvOvJ+SPBJiI

Entry address:
0x2DBB

Entry point:
68, 5E, 5F, 00, 00, F8, 5A, 8A, EF, 9B, EB, 12, 00, 00, 00, 3C, 52, 8A, C4, 8A, CB, 83, EA, 02, 9B, EB, CF, 00, 00, 00, 91, F7, D0, B1, 9B, F7, D0, F7, D0, 90, F7, D0, 8A, E8, 66, 81, 92, 00, 66, 41, 00, 54, 87, F6, D1, 08, D4, 41, 83, D0, BF, 49, EB, 9F, 00, 00, 00, 00, 00, 18, 3E, 00, 00, 06, 3E, 00, 00, 00, 00, 00, 00, 16, 3C, 00, 00, 26, 3C, 00, 00, 3E, 3C, 00, 00, 50, 3C, 00, 00, 5E, 3C, 00, 00, 70, 3C, 00, 00, 78, 3C, 00, 00, 8C, 3C, 00, 00, 9E, 3C, 00, 00, AE, 3C, 00, 00, C2, 3C, 00, 00, CE, 3C, 00...
 
[+]

Entropy:
7.6916

Code size:
7.5 KB (7,680 bytes)

The file mhotspot_setup_latest.exe has been seen being distributed by the following URL.

http://www.mhotspot.com/mHotspot_setup_latest.exe

Remove mhotspot_setup_latest.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.