home

setuphdp_051221.exe

This is a setup program which is used to install the application.
MD5:
730d94dbefbee10426c937696eafef58

SHA-1:
f898e8df3175bbaa0b5dd93e19f0266e72778a5f

SHA-256:
5ab1d53fecff693b66066296fb1a5663de5207a07244746e37f618dd4ff6fc2f

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/23/2024 10:31:52 AM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Trojan.KeyLogger.21030
9.0.1.0261

ViRobot
Backdoor.Win32.A.Hupigon.14135462[h]
2014.3.20.0

File size:
13.5 MB (14,135,462 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\setuphdp_051221.exe

File PE Metadata
Compilation timestamp:
9/23/2004 10:06:20 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
4.20

CTPH (ssdeep):
393216:gZ7slna08TshfX9M5+EziDW+F7Fc3tdRcRBx9/jjet:gqfbfM5+VDW+FBYnRGhjit

Entry address:
0x18880

Entry point:
64, A1, 00, 00, 00, 00, 55, 8B, EC, 6A, FF, 68, F8, C6, 41, 00, 68, 24, A4, 41, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 60, 53, 56, 57, 89, 65, E8, FF, 15, 54, 34, 42, 00, A3, CC, 04, 42, 00, 33, C0, A0, CD, 04, 42, 00, A3, D8, 04, 42, 00, A1, CC, 04, 42, 00, C1, 2D, CC, 04, 42, 00, 10, 25, FF, 00, 00, 00, A3, D4, 04, 42, 00, C1, E0, 08, 03, 05, D8, 04, 42, 00, A3, D0, 04, 42, 00, E8, FA, 1A, 00, 00, 85, C0, 75, 0A, 6A, 1C, E8, 2F, 01, 00, 00, 83, C4, 04, C7, 45, FC, 00, 00, 00, 00, E8, 00, 19, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v4.2

Code size:
106.5 KB (109,056 bytes)

The file setuphdp_051221.exe has been seen being distributed by the following 3 URLs.

&onid=7970&oid=3001-7970_4-10127412&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=video/dvd-software&topicbrcrm=&pid=10479858&mfgid=101953&merid=101953&ctype=dm&cval=NONE&devicetype=desktop&pguid=de870ca8e8c75015216755ab&viewguid=ejYdIXuFOsByJVltBPZZ8dqPMNDpUkOEACKK&destUrl=http://files.downloadnow.com/s/software/10/47/98/.../HDP_051221.EXE

http://files.downloadnow.com/s/software/10/47/98/.../HDP_051221.EXE

http://chph.softwaretop.net/2014/.../hero-dvd-player-308.exe

Scan setuphdp_051221.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.