home

steamhelpers

KA2E8W2B2IHAR8BG< ProductVersion

SAPO

The file steamhelpers, “RAO9R6R57I6WEN4D8 FileVersion” has been detected as malware by 1 anti-virus scanner.
Publisher:
MA1IEWWX5Z2GMHULHFileDescription  (signed by SAPO)

Product:
KA2E8W2B2IHAR8BG< ProductVersion

Description:
RAO9R6R57I6WEN4D8 FileVersion

Version:
19.0.77.34

MD5:
15e5f98a3efd053090e81ee9729cb375

SHA-1:
9e19a89c4fc69e59433fea7e828e76da93be2748

SHA-256:
b3b224234d3997af398affd1fe9de4016e1168fe00c432c8869cefe1f76f09db

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
4/23/2025 11:44:14 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.10.10.17

File size:
360.6 KB (369,296 bytes)

Product version:
25.44.58.60

Copyright:
4GPZR3U5HMGJYRN9HLegalTrademarks

Trademarks:
G0JDVV9YOFJJ4WZV< OriginalFilename

Original file name:
lproc.exe

Common path:
C:\users\{user}\appdata\roaming\steamhelpers

Digital Signature
Signed by:
SAPO

Authority:
SAPO

Valid from:
6/5/2015 7:08:35 PM

Valid to:
6/5/2016 7:08:35 PM

Subject:
E=cmd@sapo.pt, CN=SAPO.PT, OU=SAPO Division of Protocol, O=SAPO, L=Opalo, S=Jobila, C=AS

Issuer:
E=cmd@sapo.pt, CN=SAPO.PT, OU=SAPO Division of Protocol, O=SAPO, L=Opalo, S=Jobila, C=AS

Serial number:
00A7AB2CD21ECC7345

File PE Metadata
Compilation timestamp:
6/7/2015 6:45:31 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
80.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:eaxXC72yGazxLJHzhnZTl9l9yGDR2DtQJO5a0DEDQcl/NcfI484uBZU3D6G:ekCwyxLJ9ZaGg5c2atDQwUI4ABK3mG

Entry address:
0x5B11E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
356.5 KB (365,056 bytes)

Remove steamhelpers - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.