home

hdd32.exe

Aladdin Knowledge Systems Ltd.

The program is a setup application that uses the Wise Installer installer. The file has been seen being downloaded from doc-0c-0g-docs.googleusercontent.com and multiple other hosts.
Publisher:
Aladdin Knowledge Systems Ltd.

Description:
HASP Device Drivers

Version:
5.22.1305.1

MD5:
29093d451ddf797e3aceeefe5fd0934f

SHA-1:
8e8739780a9f1b490468c351de1a1f10924204a1

SHA-256:
39055c8f88109a81a4a12c818f4a6ecfc9d649d57923e649c0a7edb4e37ab59b

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/26/2024 6:28:22 AM UTC  (today)

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
Gen:Trojan.Heur.DNP.@p0@ai4LOPg
8.14.02.06.02

File size:
4.9 MB (5,095,398 bytes)

Copyright:
1985-2006 Aladdin Knowledge Systems Ltd.

File type:
Executable application (Win32 EXE)

Installer:
Wise Installer

Common path:
C:\Program Files\infomedia\microcat live toyota\dongle drivers\hasp\hdd32.exe

File PE Metadata
Compilation timestamp:
10/25/2001 10:47:11 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:uC7eDDjHH+1ovx8OE85rOEWRoXwDnd30OPkRDq5AkysAQYxk+BpReJ5X4tfHS5Wf:uC7A+1U8/ckoXAdJSqEsAnxdD0J54fHj

Entry address:
0x21AF

Entry point:
55, 8B, EC, 81, EC, 2C, 05, 00, 00, 53, 56, 57, 6A, 01, 5E, 6A, 04, 89, 75, E8, FF, 15, 54, 40, 40, 00, FF, 15, 50, 40, 40, 00, 8B, F8, 89, 7D, F4, 8A, 07, 3C, 22, 0F, 85, CC, 00, 00, 00, 8A, 47, 01, 47, 89, 7D, F4, 33, DB, 3A, C3, 74, 0D, 3C, 22, 74, 09, 8A, 47, 01, 47, 89, 7D, F4, EB, EF, 80, 3F, 22, 75, 04, 47, 89, 7D, F4, 80, 3F, 20, 75, 09, 47, 80, 3F, 20, 74, FA, 89, 7D, F4, 53, FF, 15, 6C, 40, 40, 00, 80, 3F, 2F, 89, 45, F8, 75, 64, 8A, 47, 01, 3C, 53, 74, 04, 3C, 73, 75, 06, 89, 35, 58, 53, 40, 00...
 
[+]

Packer / compiler:
Wise Installer Stub

Code size:
8.5 KB (8,704 bytes)

The file hdd32.exe has been discovered within the following programs.

BioExplorer  by CyberEvolution, Inc
www.CyberEvolution.com
About 2% of users remove it
CADS Software Licence Manager  by Computer and Design Services Ltd
www.cads.co.uk
About 8% of users remove it
DIS-Pro (TM) - Completion fluid displacement  by Pegasus Vertex, Inc.
www.pvivom.com
About 2% of users remove it
Easy-PC Version 12  by Number One Systems
Publisher's description - “As the 'Best In Class' PCB layout and design product in Europe witin the shrink-wrapped market, Easy-PC is also one of the most developed products.”
www.numberone.com
About 8% of users remove it
FactoryTalk Activation Manager 3.50.00 (CPR 9 SR 5)  by Rockwell Automation, Inc.
Publisher's description - “FactoryTalk Activation is part of the FactoryTalk Services Platform. It allows FactoryTalk enabled products to be activated via files generated by Rockwell Automation over the Internet. It eliminates the dependency on physical media to initiate activation.”
www.rockwellautomation.com/rockwellsoftware/factorytalk/activation.html
9% remove it
GeoStudio 2004  by GEO-SLOPE International Ltd.
Publisher's description - “GeoStudio is a product suite for geotechnical and geo-environmental modeling, broad enough to handle all your modeling needs.”
www.geo-slope.com
About 9% of users remove it
GroundMat  by SKM Systems Analysis inc.
www.SKM.com
About 6% of users remove it
GroundMat_2 (C:\GroundMat_2)  by SKM Systems Analysis inc.
About 7% of users remove it
Microcat For Hyundai  by Infomedia Ltd
www.infomedia.com.au
About 5% of users remove it
MimakiProfileMasterII  by MIMAKI ENGINEERING CO., LTD.
www.mimaki.co.jp
About 9% of users remove it
 
Latest 20 of 17 programs
Powered by Should I Remove It?

The file hdd32.exe has been seen being distributed by the following 9 URLs.

https://doc-0c-0g-docs.googleusercontent.com/docs/securesc/nkm7vdoh021hi2q92b0k0vkgbmb4jluk/u9f1lgmd84akk0lngn7lcah8h7f3of9p/1477058400000/.../13958448708662742250/0B_N2GQPe-j46c1Ixc2FmbV9Fa2s?e=download

http://www.finesoftware.pl/download.php?file=Hardlocks

http://download.winmentor.ro/WinMentor/.../hdd32.exe

ftp://ftp.alternateweb.com.br/Instaladores/hasp/.../1_hdd32.exe

ftp://ftp.winmentor.ro/WinMentor/.../hdd32.exe

http://www.altoqi.com.br/.../hdd32.exe

http://www.itcimaging.com/v7/downloads/docstar/drivers/hasp-4-parallel/4-102-5/hasp4driversetup/.../download

http://www.finesoftware.eu/download.php?file=Hardlocks

http://info.alldata.com/.../hasp.exe

Scan hdd32.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.