hao123-vietnam.exe

hao123 Desktop Shortcut

The executable hao123-vietnam.exe has been detected as malware by 6 anti-virus scanners. It is a setup program used to install the application. The file has been observed being downloaded from vn.hao123.com.

Product: hao123 Desktop Shortcut
Version: 1.0.0.1111
MD5: 8c4ebe68619f8baa67b807c06b65fffe
SHA-1: b0d9566eb34a4ae0abeb7df1b71b228a8658f394
SHA-256: ab4620a0d114b1cec4f56509a62cf882cbd960684b5311946e9fc83460779e4f
Scanner detections: 6 / 68
Status: Malware
Analysis date: 5/8/2024 6:46:40 AM UTC (today)

| Scan engine | Detection | Engine version |
|---|---|---|
| avast! | Win32:SaliCode | 160518-2 |
| AVG | Win32/Sality | 2015.0.4604 |
| Emsisoft Anti-Malware | Win32.Sality | 16.07.16 |
| ESET NOD32 | Win32/Sality.NBA virus | 7.0.302.0 |
| Microsoft Security Essentials | Threat.Undefined | 1.225.1578.0 |
| Norman | Win32.Sality.3 | 19.05.2016 01:04:49 |

File size: 641 KB (656,416 bytes)
Product version: 1.0.0.1111
Copyright: (C) 2011 Baidu.com。All Rights Reserved.
Original file name: Hao123DeskSetup.exe
File type: Executable application (Win32 EXE)
Language: Language Neutral

File PE Metadata
Compilation timestamp: 4/10/2010 7:19:31 PM
OS version: 5.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 9.0
CTPH (ssdeep): 12288:7mr3uDrM0aexXhN5oZji2RPyygsOii1Fpg7UffVhQ6d9qVBZ:7mr3uHMAxyZBoygBx1Fq7UffjQ6+7
Entry address: 0x354B

Entry point:
69, F2, 3E, 41, 56, 85, EB, 02, 8A, E0, 68, D3, C8, 3D, 00, 68, E2, BE, 7D, 00, 0F, BF, DD, B0, D1, 0F, B7, CF, E8, 91, 00, 00, 00, 88, C6, 69, CB, 95, 8E, AB, 95, 69, C2, 8F, AE, 40, F8, 88, D6, 87, C9, 68, 2A, 10, 00, 00, 5D, 75, 02, 89, D2, 81, ED, 5F, 0B, 00, 00, 8D, 5D, 00, 8B, D0, 2B, CA, 8B, F3, 1A, D2, 81, F6, A4, 01, 00, 00, 0F, CA, EB, 05, 0F, AF, CE, 85, C2, 75, 08, 13, FD, 8D, 2D, 3E, BA, 53, 4C, 80, F2, D5, B9, B1, F8, FF, FF, EB, 0A, 4B, BB, A7, 3A, FD, F1, 80, CF, C4, 45, 81, F1, 74, 06, 00...
 

Code size: 25 KB (25,600 bytes)

The file hao123-vietnam.exe has been seen being distributed by the following URL.
