» spyhunters.exe
Overview
Analysis
File Details
Programs (2)
Downloads (20)

spyhunters.exe

Enigma Software Group USA, LLC.

This is a setup program which is used to install the application. This is installed with multiple programs including SpyHunter 4 and SpyHunter. The file has been seen being downloaded from 62.75.197.175 and multiple other hosts.

File name:

spyhunters.exe

Publisher:

Enigma Software Group USA, LLC (signed by Enigma Software Group USA, LLC.)

Description:

SpyHunter

Version:

4.1.11

MD5:

c5129aaed888b5a223a2425464f371fa

SHA-1:

2b5689118af2dc8bf0df097e01e138336c774c34

SHA-256:

e991ece0625c04c7a7b9753f76cc80a269c1860c809e856376c545419cb5d6de

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/5/2024 9:59:47 AM UTC (today)

File size:

14.7 MB (15,397,208 bytes)

Enigma Software Group USA, LLC

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\spyhunter.4.1.11\setup\spyhunters.exe

Digital Signature

Signed by:

Enigma Software Group USA, LLC.

Authority:

VeriSign, Inc.

Valid from:

4/22/2008 3:00:00 AM

Valid to:

4/23/2011 2:59:59 AM

Subject:

CN="Enigma Software Group USA, LLC.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Enigma Software Group USA, LLC.", L=Stamford, S=Connecticut, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

6127B01400BEED5731890FC24B5BD4CC

File PE Metadata

Compilation timestamp:

11/21/2007 12:52:34 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

393216:LT2YcmHeJuEkXZ/NeHURMkAy4f93sLnl9FBP44mxkV0K+xS:OYr+JuhXdA0RklIHP44mxkV0E

Entry address:

0x4387

Entry point:

55, 8D, 6C, 24, 88, 81, EC, 7C, 0F, 00, 00, 53, 56, 57, 33, FF, 68, 00, 01, 00, 00, 57, 89, 7D, 14, 89, 7D, FC, 89, 7D, F4, FF, 15, F8, 80, 40, 00, 6A, 04, 89, 45, 70, FF, 15, 24, 81, 40, 00, 89, 7D, 00, 89, 7D, F8, 89, 7D, 18, 89, 7D, F0, 89, 7D, 0C, 89, 7D, 04, 89, 7D, 08, 89, 7D, 40, 89, 7D, 1C, 89, 7D, 24, 89, 7D, 20, FF, 15, B8, 80, 40, 00, 8B, F0, 8A, 06, 3C, 22, 89, 75, 50, 75, 24, EB, 04, 3C, 22, 74, 0E, 46, 8A, 06, 84, C0, 89, 75, 50, 75, F2, 3C, 22, 75, 14, 46, 89, 75, 50, EB, 0E, 3C, 20, 74, 0F... 
[+]

Entropy:

7.9309 (probably packed)

Code size:

24.5 KB (25,088 bytes)

The file spyhunters.exe has been discovered within the following programs.

SpyHunter by Enigma Software Group

SpyHunter is an antivirus program that also includes its built in 'registry cleaner', Reghunter. It also may be bundled with 3rd party pay per install programs such as InstallIQ.

www.enigmasoftware.com/products/spyhunter

41% remove it

SpyHunter 4 by Enigma Software Group

www.enigmasoftware.com

43% remove it

The file spyhunters.exe has been seen being distributed by the following 20 URLs.

http://62.75.197.175/.../spyhunterS.exe

https://onedrive.live.com/download.aspx?cid=E36D4CC0A5FF3611&authKey=!AGUajC0BFhN3Kik&resid=E36D4CC0A5FF3611!19785&ithint=.exe

http://s7333.chomikuj.pl/File.aspx?e=aUJysTN92LoYOvgj7_-ZLn3LQEY4_kW9MdAdb2xwqmI33dj6fnUB2EORYXiQ4RuGNQK_XlI3kcOJnUqwqdV_POjf0b4JWKyS-sfhjWO9AqPOWGrJl_dnWwTZ8wdKlkC8VB6M2qj3yt8GOpCieNcd4JAgWcjj6GbOghmc4ubx8yw&pv=2

http://s6833.chomikuj.pl/File.aspx?e=aUJysTN92LoYOvgj7_-ZLn3LQEY4_kW9MdAdb2xwqmLIlQ_V0k5q1GX3VQL00ZmlQIwSaK9DUGr378ZrlHBTRuUKLkTQNrgWqU76Ycu619nAiqfdwqLV_MJcYCNLEL6-iW1fARVS4cEWukjbVl8XYq5ZluEs_7J7XxnBx62eJfIrhs6Mo9nVUV00m_qfB118&pv=2

https://onedrive.live.com/download.aspx?cid=1A5E4AF4B3998325&resid=1A5E4AF4B3998325!753&canary=IraPR5A nSrEwic LSqpZMUtINzQIvdnHZQHYgh00 M=0

http://www62.zippyshare.com/d/1662024/.../spyhunterS.exe

http://s6833.chomikuj.pl/File.aspx?e=aUJysTN92LoYOvgj7_-ZLn3LQEY4_kW9MdAdb2xwqmLMC7gHnUJKtervZNH6K_poOKJ2yu0IUWOGpzPZMd5S9OcASw58nDxkYNCr0CVFK1d76wrPrlUE8nlE59oDL60RMGNifybRtzxIYY8IBEem0W9BEBRdnEhDRhiyQgv3QwxzT2_xi1nX0ngGCc-MgAOJ&pv=2

http://s7333.chomikuj.pl/File.aspx?e=aUJysTN92LoYOvgj7_-ZLn3LQEY4_kW9MdAdb2xwqmKpT5XhR3yydyqKGkElZM-Lo131rv7rWkTQ5HG6jOYfNmthGEaXBiHxZB0Y1NaDKf8Wl30VsseyWSjb4TJF15ZfT8TYP_H_7yM4JXkYvA0zUBUnxkmDCOnuXJqOlMrzaww&pv=2

http://s6833.chomikuj.pl/File.aspx?e=aUJysTN92LoYOvgj7_-ZLqfc_RLzjOHkldcHGMMCiLgJbQJPeg0fWhbYPLmJaNBLwi_HcE5Pov4oEhymohuxsLtLnPKq2fPEjSKB4v4E5P0ENa8PgoZ9m8hFaqm9eesq5Nr_kJk7bvJxi2073WSzsO6bAAIXDRm7fV2WG73fNUElJniSvoVdySWPBNcWlESm-ntZfqigTEsY-Q1ZozzLdQ&pv=2

http://s7333.abelhas.pt/File.aspx?e=aUJysTN92LoYOvgj7_-ZLtoEeV8Mts3VZZOhCKWexMwLa6187CJSM4EMaoaAKLFXAiB2ftSFO2v-igpInobcQ9o4JsIoUZiX2Z6Ps6tZ5DOL3Z0XlUNEmTIj8U-AxHPe2oKMJkFqFXZqr_W-3O4tKg&pv=2

http://s7333.chomikuj.pl/File.aspx?e=aUJysTN92LoYOvgj7_-ZLn3LQEY4_kW9MdAdb2xwqmLlQ2z9PkpHNAKPxME6Jhk9lsbwBnl7mYWjEuYToltOPAo1pfifmbtojK312_n8Rz8-0IF5AM88sm6augDtx5Nnj-i5q6ogel_-Lf1KXl_HXKEccZDvRFjamQ7n85FbMEs&pv=2

http://www62.zippyshare.com/d/1662024/.../spyhunterS.exe

http://s6833.chomikuj.pl/File.aspx?e=aUJysTN92LoYOvgj7_-ZLn3LQEY4_kW9MdAdb2xwqmJ6zz4McfiuQQd9lmOw5qhiX-7raIiqRfmlkbe9XrM2rgJXw3vNHaKcr86GesnulstdUHNvlbfIB2UHxgbtoYz4JQ16J0tnlhdNXa5F9lrVWDE8Vz2GCoJ3wUjjOgowk2IuK8BQKYx59F0QB26tM-qe&pv=2

http://www62.zippyshare.com/d/1662024/.../spyhunterS.exe

http://www.datafilehost.com/get.php?file=5e4d27c4

about:internet

http://188.138.9.141/.../spyhunterS.exe

https://doc-0o-74-docs.googleusercontent.com/docs/securesc/6dsnjgr1hr5viehp1ace3qbgok4rt88q/sjj08p4jvnf45tdqu92sallaj2ntvd1i/1416592800000/.../07712361952786724073/0Bz5cYjGUKvEcWC1KQ0tPeG1GVVk?e=download

http://s10118.chomikuj.pl/File.aspx?e=aUJysTN92LoYOvgj7_-ZLqkAICRrSUd9raI7b5OKQ2U2_JV_ErZ5MqPICqlwUvopVbb99iUnDH22xMNvW5k9KevBxxxnoQrh_oGIQuzuvuqtjsstjMLU8dNI04TxnWTMByFvJO9FgWVk4eJsFTDFyw6g1RzFBzu8Gr7yXd-8tHmnG6ffaWAoRlsFIJTtutFA&pv=2

Scan spyhunters.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.