home

helper.exe

The Witcher 3

NZXT

Publisher:
CD Projekt Red  (signed by NZXT)

Product:
The Witcher 3

Version:
3.0.0

MD5:
63e5051599a30f04fa5488df3ec62de6

SHA-1:
ad6f223eb31af454ed39beefa835548075ba45e2

SHA-256:
01875fc34da4c35b8f5587bb412e9c37801ba330c0e8e14ad99c6689396628fa

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/25/2024 7:20:00 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
MSIL/Kryptik.FLT trojan
6.3

File size:
694.1 KB (710,768 bytes)

Product version:
3.0.0

Copyright:
Copyright © 2012 CD Projekt Red

Original file name:
Lumonosity 1.5.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\ProgramData\helper\helper.exe

Digital Signature
Signed by:
NZXT

Authority:
COMODO CA Limited

Valid from:
5/15/2014 2:00:00 AM

Valid to:
5/15/2016 1:59:59 AM

Subject:
CN=NZXT, O=NZXT, STREET=13164 E. Temple Ave, L=City of Industry, S=California, PostalCode=91746, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00DF5B5005962FF49BD28940CBF0E191A0

File PE Metadata
Compilation timestamp:
3/29/2016 6:37:30 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:QLH+skBtfm9wa0lJoodDa4j33UgE01aRh9Bjo9/3LadE81JVd5:q6eCJoqDaI3AhrU9OdEK7d5

Entry address:
0xAAC6E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
676 KB (692,224 bytes)

Scan helper.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.