qhtsft64.exe

Quick Heal AntiVirus

Quick Heal Technologies (Pvt) Ltd.

This is a self-extracting archive and installer. The file has been seen being downloaded from www.filehorse.com and multiple other hosts.
Publisher:
Quick Heal Technologies Ltd.  (signed by Quick Heal Technologies (Pvt) Ltd.)

Product:
Quick Heal AntiVirus

Description:
Installer Application

Version:
10.1.0.6

MD5:
03eefdf11476f546456de894767b63d4

SHA-1:
c6b313c6968db877e18c79b65557ce446a6025f6

SHA-256:
c83c27d0f345d14020220915902e03593da258ca617c386f2cef78decebad21a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/2/2024 1:36:57 PM UTC  (today)

File size:
265.2 MB (278,062,016 bytes)

Product version:
17.00

Copyright:
© Quick Heal Technologies Ltd. All rights reserved.

Original file name:
qhunpack.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
8/14/2013 5:30:00 AM

Valid to:
10/13/2016 5:29:59 AM

Subject:
CN=Quick Heal Technologies (Pvt) Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Quick Heal Technologies (Pvt) Ltd., L=Pune, S=Maharashtra, C=IN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1B1E84B021B58A4729D1069BA28480BB

File PE Metadata
Compilation timestamp:
6/6/2016 5:43:54 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6291456:e2wr26uwgVWf52JhrqFkLRVcc/4bA/DwngC+FsEL6YqxdxdUXit:VrHDMf52DqFWAn+0YBU1dUSt

Entry address:
0xB998

Entry point:
48, 83, EC, 28, E8, E7, 76, 00, 00, 48, 83, C4, 28, E9, 16, FE, FF, FF, CC, CC, 48, 89, 4C, 24, 08, 48, 81, EC, 88, 00, 00, 00, 48, 8D, 0D, 11, 80, 01, 00, FF, 15, BB, D8, 00, 00, 4C, 8B, 1D, FC, 80, 01, 00, 4C, 89, 5C, 24, 58, 45, 33, C0, 48, 8D, 54, 24, 60, 48, 8B, 4C, 24, 58, E8, 19, B2, 00, 00, 48, 89, 44, 24, 50, 48, 83, 7C, 24, 50, 00, 74, 41, 48, C7, 44, 24, 38, 00, 00, 00, 00, 48, 8D, 44, 24, 48, 48, 89, 44, 24, 30, 48, 8D, 44, 24, 40, 48, 89, 44, 24, 28, 48, 8D, 05, BC, 7F, 01, 00, 48, 89, 44, 24...
 
[+]

Entropy:
7.9895  (probably packed)

Code size:
96 KB (98,304 bytes)

The file qhtsft64.exe has been seen being distributed by the following 2 URLs.

http://www.filehorse.com/download/file/.../