home

hc.exe

7-Zip

sw4you GmbH

The program is a setup application that uses the 7z Setup installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
Igor Pavlov  (signed by sw4you GmbH)

Product:
7-Zip

Description:
7z Setup SFX

Version:
4.42

MD5:
93e4d53d69238e442f9356d10766f2a5

SHA-1:
b56f12441e17b17bf614b36a0cf49beb7e67a83e

SHA-256:
69a8a97fca085cccc43b95aa6b036eca02e52192daa051bd7405387d2406b7c6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 4:05:02 AM UTC  (today)

File size:
6.7 MB (7,059,200 bytes)

Product version:
4.42

Copyright:
Copyright (c) 1999-2006 Igor Pavlov

Original file name:
7zS.sfx.exe

File type:
Executable application (Win64 EXE)

Installer:
7z Setup

Language:
English (United States)

Common path:
C:\users\{user}\downloads\hc.exe

Digital Signature
Signed by:
sw4you GmbH

Subject:
CN=sw4you GmbH, O=sw4you GmbH, L=Braunweiler, S=Rheinland-Pfalz, C=DE

Serial number:
25D13FEC950982A9963FA09E3B69CAE3

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
98304:TTrggm9c8uIfxMkr040l9KjpRXG+oYcHaMFKK7DCl1w9ZOlyKJy8irAJ6N0P2G:T5pFIK3Y1WaAK91IYyXrAJ4G

Entry point:
55, 8B, EC, 6A, FF, 68, 98, 99, 41, 00, 68, 64, 4D, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 78, 91, 41, 00, 33, D2, 8A, D4, 89, 15, 30, 15, 42, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 2C, 15, 42, 00, C1, E1, 08, 03, CA, 89, 0D, 28, 15, 42, 00, C1, E8, 10, A3, 24, 15, 42, 00, 6A, 01, E8, FB, 0D, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 4D, 09, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v6.0

The file hc.exe has been seen being distributed by the following 10 URLs.

http://gsf-cf.softonic.com/b56/f12/.../file?SD_used=0&channel=WEB&fdh=no&id_file=5249&instance=softonic_en&type=PROGRAM&Expires=1447208225&Signature=g2grjt4oQhdKPI6ViQgY5c4dW9KBXZs8sX~60x5Zq7bTkafd4lqrQndsnFWwaN-rsYej--Iye8QzqZbDmJ18E-d176COSScmMeDCeC8VE7rFxf4oCTFqPb7GbPvnu4~1lkrSFJ3gLH2s1PPY755HpevPdMMSRNKNZLGgaCusnO0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=hc.exe

http://gsf-cf.softonic.com/b56/f12/.../file?SD_used=0&channel=WEB&fdh=no&id_file=5249&instance=softonic_es&type=PROGRAM&Expires=1474975275&Signature=aWxJCem7pZyn6H5sVHiWbVDS0IHgu32ndSgy38Ad5D6wh1CjZ894~snYHxFYHpaS~0hXbi0ro~9Nnrh2dPFXBjNezEQr7gP7LzJji6ZkINUtKeMVoZX8BVdnnY4ED03Q-5nWcLL74HLQ7kVfyYwlB43GfHjVAqIyO-IcJvX~xa4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=hc.exe

http://gsf-cf.softonic.com/b56/f12/.../file?SD_used=0&channel=WEB&fdh=no&id_file=5249&instance=softonic_es&type=PROGRAM&Expires=1425551136&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=hkDO6oRhCOxj1QaqXXbhoIYNxKwIRoUhzLezooPNMFHQ~J0zleRuzXbw~5i3ayj-g9L0lq7DBAr0N5NZ6z4nzoq8u0x1hcdd0mxmTNlkzL7kXPR-CEuYkdOHFJvJv~1AHNqE8buDrNVlc-GOgx1j5UBbb6n0EBWtqad-SGli8Qk_&filename=hc.exe

http://gsf-cf.softonic.com/b56/f12/.../file?SD_used=0&channel=WEB&fdh=no&id_file=5249&instance=softonic_de&type=PROGRAM&Expires=1468041907&Signature=H~DYNxWzBfZuvZ-N-wG9kcmh3XcswNXxXr8UZG4c0Zp1iJ0HW3-4avkeSNj1WlTpqQukEVgPXhTe619FIRuHSDFkL-o6ACu~SSfmYjywkkXdv6G~Nv1pMpfEmstdL7rFVdFtVKVYlcE8goEk3RTGgDCNYJNR0-N-rWkLTbsHRj8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=hc.exe

http://gsf-cf.softonic.com/b56/f12/.../file?SD_used=0&channel=WEB&fdh=no&id_file=5249&instance=softonic_en&type=PROGRAM&Expires=1474967954&Signature=RMC5nBNL~yZKaTt6ZEBMAxeYqSZwcpP9mKiiVfJObsR4MZPWvmfLphMv7GQfgdVjqkpLMivBxog6-~oWXfGKH4vIoDICYwFgegMlo5mJeV~OMtxZNPN~vesq4rvqEalrce1BbRygwoINPOGypu5~yIEF4QM4Wxz40FrPv4wf0bk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=hc.exe

http://d110.cdn.m6web.fr/soft/.../hardcopy_2014-01-27_fr_160846.exe

http://lb.cdn.m6web.fr/d/c/a/e201fe32d22f2a1fa0837dac93be2b86/5463bcf8/soft/.../hardcopy_2014-01-27_fr_160846.exe

http://download.heise.de/software/591f79e0e71122ebb5c3d6426c348d3e/534304cd/.../hc.exe

http://dl.cdn.chip.de/downloads/.../hc2701.exe

http://www.hardcopy.de/hc.exe

Scan hc.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.