» qhtsft64.exe
Overview
Analysis
File Details
Downloads (1)

qhtsft64.exe

Quick Heal AntiVirus

Quick Heal Technologies (Pvt) Ltd.

This is a setup and installation application. The file has been seen being downloaded from download.quickheal.com.

File name:

qhtsft64.exe

Publisher:

Quick Heal Technologies (P) Ltd. (signed by Quick Heal Technologies (Pvt) Ltd.)

Product:

Quick Heal AntiVirus

Description:

Installer Application

Version:

8.0.0.1

MD5:

72e164133a7ade2e137a3851dd69c6ff

SHA-1:

a43d79d482db20f58853bbce1eec07bfaedffd12

SHA-256:

017feb5140b6f21cc4fb8a30244bdc02c86b6776686e47b10d3c995317dab206

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/24/2024 9:32:34 AM UTC (today)

File size:

431 MB (451,917,848 bytes)

Product version:

15.00

Original file name:

qhunpack.exe

File type:

Executable application (Win64 EXE)

Language:

English (United States)

Digital Signature

Signed by:

Quick Heal Technologies (Pvt) Ltd.

Authority:

VeriSign, Inc.

Valid from:

8/14/2013 8:00:00 AM

Valid to:

10/13/2016 7:59:59 AM

Subject:

CN=Quick Heal Technologies (Pvt) Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Quick Heal Technologies (Pvt) Ltd., L=Pune, S=Maharashtra, C=IN

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

1B1E84B021B58A4729D1069BA28480BB

File PE Metadata

Compilation timestamp:

4/22/2014 3:12:57 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

12582912:FfQNEEeB5AYU4NzU0y1+MzAIVfC2vKblUAOXtFpafiW5gYTTM:tQNEH1U4NI7+2XVC6ActFpaKPYs

Entry address:

0xAE38

Entry point:

48, 83, EC, 28, E8, E7, 76, 00, 00, 48, 83, C4, 28, E9, 16, FE, FF, FF, CC, CC, 48, 89, 4C, 24, 08, 48, 81, EC, 88, 00, 00, 00, 48, 8D, 0D, 71, 8B, 01, 00, FF, 15, 13, E4, 00, 00, 4C, 8B, 1D, 5C, 8C, 01, 00, 4C, 89, 5C, 24, 58, 45, 33, C0, 48, 8D, 54, 24, 60, 48, 8B, 4C, 24, 58, E8, 19, B2, 00, 00, 48, 89, 44, 24, 50, 48, 83, 7C, 24, 50, 00, 74, 41, 48, C7, 44, 24, 38, 00, 00, 00, 00, 48, 8D, 44, 24, 48, 48, 89, 44, 24, 30, 48, 8D, 44, 24, 40, 48, 89, 44, 24, 28, 48, 8D, 05, 1C, 8B, 01, 00, 48, 89, 44, 24... 
[+]

Entropy:

7.9926 (probably packed)

Code size:

93 KB (95,232 bytes)

The file qhtsft64.exe has been seen being distributed by the following URL.

http://download.quickheal.com/builds/2014/eval/.../QHTSFT64.EXE

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.