home

checkbho.exe

Centrum Holdings s.r.o.

The application checkbho.exe by Centrum Holdings s.r.o has been detected as a potentially unwanted program by 2 anti-malware scanners.
Publisher:
Centrum Holdings s.r.o.  (signed and verified)

Version:
1.0.2.0

MD5:
ab700a03ddf55e9a69121872251a75bf

SHA-1:
7147675edabbdfeb344594ab5ded70cf7f22e111

SHA-256:
c4c0dea794f4ec571674bce7692cd207eb77e9fd6991187594f84f7d21de6ca1

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
4/16/2024 2:30:32 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.CentrumHoldingssro.I
14.8.12.15

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.26.3

File size:
487.5 KB (499,224 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
Czech

Common path:
C:\Program Files\centrum holdings s.r.o\lišta centrum.cz\checkbho.exe

Digital Signature
Signed by:
Centrum Holdings s.r.o.

Authority:
COMODO CA Limited

Valid from:
11/24/2011 1:00:00 AM

Valid to:
11/24/2012 12:59:59 AM

Subject:
CN=Centrum Holdings s.r.o., OU=IT, O=Centrum Holdings s.r.o., STREET="Jankovcova 1037/49, Classic 7", L=Prague, S=Prague, PostalCode=170 00, C=CZ

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00889122E005044368951BC5745AD6E993

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:RhClR8RHy2vL1AJPUhbn8TqbLquM00wK3g:LcgHySL16S82b2f09

Entry address:
0x66750

Entry point:
55, 8B, EC, 83, C4, F0, B8, 7C, 58, 46, 00, E8, 44, 02, FA, FF, 68, 28, 68, 46, 00, 6A, FF, 6A, 00, E8, F6, 03, FA, FF, A3, 0C, D6, 46, 00, 83, 3D, 0C, D6, 46, 00, 00, 0F, 84, A1, 00, 00, 00, E8, 9F, 04, FA, FF, 3D, B7, 00, 00, 00, 0F, 84, 91, 00, 00, 00, 33, C0, 55, 68, 1A, 68, 46, 00, 64, FF, 30, 64, 89, 20, A1, 30, 8F, 46, 00, C6, 00, 01, A1, 34, 91, 46, 00, 8B, 00, E8, AE, E0, FE, FF, A1, 34, 91, 46, 00, 8B, 00, BA, 48, 68, 46, 00, E8, 35, DB, FE, FF, A1, CC, 70, 45, 00, E8, 5F, 09, FF, FF, 8B, 0D, 28...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
405.5 KB (415,232 bytes)

Remove checkbho.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.