home

cp028009.exe

HPE USB Key Utility for Windows Package

Hewlett-Packard Company

This is a setup program which is used to install the application. The file has been seen being downloaded from h20566.www2.hpe.com and multiple other hosts.
Publisher:
Hewlett-Packard Development Company, L.P.  (signed by Hewlett-Packard Company)

Product:
HPE USB Key Utility for Windows Package

Version:
2.1.0.0

MD5:
91adf85a9bcc4502e590a62b7e469d1b

SHA-1:
04c0d8a111a02012b02e1d0b777a6c74ac530b62

SHA-256:
f3c6edf8946ced261b8e1e4c0b9f6a87a5c68ceb3db5be79d60ef32940986f21

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/16/2024 5:33:30 AM UTC  (today)

File size:
2.1 MB (2,173,048 bytes)

Product version:
2.1.0.0

Copyright:
© 1999, 2010 Hewlett-Packard Development Company, L.P.

Original file name:
cpqstub.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\cp028009.exe

Digital Signature
Signed by:
Hewlett-Packard Company

Authority:
VeriSign, Inc.

Valid from:
5/10/2013 5:30:00 AM

Valid to:
6/9/2016 5:29:59 AM

Subject:
CN=Hewlett-Packard Company, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Hewlett-Packard Company, L=Andover, S=Massachusetts, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3D05F6CF73804309E0FEFFC950F584A5

File PE Metadata
Compilation timestamp:
7/31/2010 1:04:52 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:Wa17olwmDaH2Fgj95iAsLGRizUn+CDJiHOEOFmmygxuZ18GSrLy:j17oim0v557RgCDE2m7gcPSny

Entry address:
0x20743

Entry point:
E8, F9, B3, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 83, 65, FC, 00, 56, 8D, 45, FC, 50, FF, 75, 0C, FF, 75, 08, E8, 70, B4, 00, 00, 8B, F0, 83, C4, 0C, 85, F6, 75, 18, 39, 45, FC, 74, 13, E8, 9E, 4A, 00, 00, 85, C0, 74, 0A, E8, 95, 4A, 00, 00, 8B, 4D, FC, 89, 08, 8B, C6, 5E, C9, C3, CC, CC, CC, 8B, 54, 24, 04, 8B, 4C, 24, 08, F7, C2, 03, 00, 00, 00, 75, 3C, 8B, 02, 3A, 01, 75, 2E, 0A, C0, 74, 26, 3A, 61, 01, 75, 25, 0A, E4, 74, 1D, C1, E8, 10, 3A, 41, 02, 75, 19, 0A, C0, 74, 11, 3A, 61, 03, 75...
 
[+]

Entropy:
7.9252  (probably packed)

Code size:
216.5 KB (221,696 bytes)

The file cp028009.exe has been seen being distributed by the following 6 URLs.

https://h20566.www2.hpe.com/hpsc/swd/.../obtainSoftware?url=687474703A2F2F646F776E6C6F6164732E6870652E636F6D2F7075622F736F66746C6962322F736F667477617265312F73632D77696E646F77732F70313439343838313334312F763131323732382F63703032383030392E657865

http://h20564.www2.hpe.com/hpsc/swd/.../obtainSoftware?url=687474703A2F2F646F776E6C6F6164732E6870652E636F6D2F7075622F736F66746C6962322F736F667477617265312F73632D77696E646F77732F70313439343838313334312F763131323732382F63703032383030392E657865

https://h20564.www2.hpe.com/hpsc/swd/.../obtainSoftware?url=687474703A2F2F646F776E6C6F6164732E6870652E636F6D2F7075622F736F66746C6962322F736F667477617265312F73632D77696E646F77732F70313439343838313334312F763131323732382F63703032383030392E657865

http://h20565.www2.hpe.com/hpsc/swd/.../obtainSoftware?url=687474703A2F2F6674702E68702E636F6D2F7075622F736F66746C6962322F736F667477617265312F73632D77696E646F77732F70313439343838313334312F763131323732382F63703032383030392E657865

https://h20565.www2.hpe.com/hpsc/swd/.../obtainSoftware?url=687474703A2F2F6674702E68702E636F6D2F7075622F736F66746C6962322F736F667477617265312F73632D77696E646F77732F70313439343838313334312F763131323732382F63703032383030392E657865

http://h20564.www2.hpe.com/hpsc/swd/.../obtainSoftware?url=687474703A2F2F6674702E68702E636F6D2F7075622F736F66746C6962322F736F667477617265312F73632D77696E646F77732F70313439343838313334312F763131323732382F63703032383030392E657865

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.