» dotnetcheck.exe
Overview
Analysis
File Details

dotnetcheck.exe

HTTO GROUP Ltd

The application dotnetcheck.exe by HTTO GROUP has been detected as adware by 6 anti-malware scanners.

File name:

dotnetcheck.exe

Publisher:

HTTO GROUP Ltd (signed and verified)

MD5:

4057ce51fe01b25b60ab9abbf81f3a04

SHA-1:

de979725415c8bf2e4bb8d091d396f595e4e7697

SHA-256:

cb6c20524b5e2416728721d3af944524230c854870b5003ecb19bd82c9162b93

Scanner detections:

6 / 68

Status:

Adware

Analysis date:

7/5/2025 8:25:38 AM UTC (today)

Scan engine

Detection

Engine version

Baidu Antivirus

Adware.Win32.Snoozer

4.0.3.15916

Bkav FE

W32.HfsAdware

1.3.0.6979

ESET NOD32

Win32/Adware.Snoozer (variant)

9.11969

Fortinet FortiGate

Riskware/Snoozer

9/16/2015

Malwarebytes

PUP.Optional.HTTOGROUP.A

v2015.09.16.02

Reason Heuristics

PUP.HTTOGROUP (M)

15.9.16.14

File size:

130.9 KB (134,040 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\roaming\fbdownloader\dotnetcheck.exe

Digital Signature

Signed by:

HTTO GROUP Ltd

Authority:

GlobalSign nv-sa

Valid from:

4/11/2014 4:40:57 PM

Valid to:

8/9/2015 1:34:45 PM

Subject:

CN=HTTO GROUP Ltd, O=HTTO GROUP Ltd, L=Tel Aviv, C=IL

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11215DEE081D303199AC9A4E988FC00929A0

File PE Metadata

Compilation timestamp:

5/9/2011 5:55:40 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

1536:j/UoNf1eu9Ul+oUKYNO4mGL5V8O4lhxeef:4oNjHoUKwO4mGLjC1f

Entry address:

0x11555

Entry point:

E9, F6, 67, 00, 00, E9, DD, 62, 00, 00, E9, DC, 52, 00, 00, E9, 71, 6E, 00, 00, E9, 80, 62, 00, 00, E9, 1B, 62, 00, 00, E9, D0, 81, 00, 00, E9, A7, 62, 00, 00, E9, 40, 88, 00, 00, E9, 59, 7A, 00, 00, E9, B0, 81, 00, 00, E9, BF, 1F, 00, 00, E9, 74, 61, 00, 00, E9, 25, 7A, 00, 00, E9, 64, 6E, 00, 00, E9, 4B, 14, 00, 00, E9, 14, 62, 00, 00, E9, 61, 6E, 00, 00, E9, BC, 30, 00, 00, E9, 37, 21, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC... 
[+]

Entropy:

4.8218

Developed / compiled with:

Microsoft Visual C++ 8.0 (Debug)

Code size:

48.5 KB (49,664 bytes)

Remove dotnetcheck.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.