hideman-setup.exe

Hideman

Hideman Ltd.

The executable hideman-setup.exe, “Installer for Hideman VPN client”, has been detected as malware by 6 anti-virus scanners. This is a setup and installation application; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from download.hideman.net.

Publisher:
Hideman Ltd.

Product:
Hideman

Description:
Installer for Hideman VPN client

Version:
3.3.0.0

MD5:
d04e1d56c73fb1203ee7c44e6e46f873

SHA-1:
db421863278cb1ad0abe235a28bb47879a0f1967

SHA-256:
e1aaed5351234942487a858e065540a9a80102158ab5cb454280a3aed8d4212d

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
4/18/2024 10:57:07 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| avast! | Win32:Kukacka | 160518-2 |
| AVG | Win32/Sality | 2015.0.4604 |
| Emsisoft Anti-Malware | Win32.Sality | 11.5.0.6191 |
| ESET NOD32 | Win32/Sality.NBA virus | 8.0.319.0 |
| F-Prot | W32/Sality.gen2 | 4.6.5.141 |
| Microsoft Security Essentials | Threat.Undefined | 1.225.1693.0 |

File size:
2.9 MB (3,022,032 bytes)

Product version:
3.3.0.0

Copyright:
© 2012-2014 Hideman Ltd.

Trademarks:
Hideman and Hideman VPN are trademarks of Hideman Ltd.

Original file name:
Hideman.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\hideman-setup.exe

File PE Metadata
Compilation timestamp:
5/18/2011 4:29:38 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:NWQ5ERpAHLAT4M21vk7+rGzh7SjcJjVFiau23ggR/x9OTQNBR30u6ixeLb/9F:NWQ5EnAHLA8M2Fs+azh0cpT4qR/nOTKe

Entry address:
0x383D

Entry point:
60, EB, 02, 89, C3, 68, 87, 7A, 38, 00, 51, 43, 1A, E0, 4D, 81, FB, B4, 44, 00, 00, 78, 05, 43, F3, F6, C5, B2, 50, 50, 81, FD, 20, 8B, 00, 00, 74, 06, 84, EF, 86, E6, 88, EC, 3A, E5, 0B, CF, E8, 1A, 00, 00, 00, 89, D0, 12, F2, 74, 0C, F2, BE, E3, 89, 3F, 51, 8D, 2D, 46, 5C, 8D, 00, 81, F3, 1C, D6, 00, 00, FF, C6, 59, 80, D4, 27, 0F, AF, D9, 71, 02, 23, EE, F7, C7, 27, 04, C6, 1B, FE, CE, FF, CD, 8D, 35, D9, B6, 20, 00, 0D, F9, F9, 2E, C2, 34, 4F, 81, EE, 2A, 0E, 00, 00, 85, C7, 11, C8, 69, C2, 34, 7F, D5...
 
Entropy:
7.9655  (probably packed)

Code size:
26.5 KB (27,136 bytes)

The file hideman-setup.exe has been seen being distributed by the following URL.
