» hiderun_x86.exe
Overview
Analysis
File Details

hiderun_x86.exe

Galapo

The executable hiderun_x86.exe, “hides console window of started program” has been detected as malware by 13 anti-virus scanners.

File name:

hiderun_x86.exe

Publisher:

Galapo (signed and verified)

Description:

hides console window of started program

Version:

1.1.0.0

MD5:

2c91ece140db4d25d806da267667cc9d

SHA-1:

5df30cba4de1b492f293a09b267ea80feaaedb8b

SHA-256:

85d2c8771aa90f2a92645a9bea70e1a86a0e439f0711dcbea75a056b747c3958

Scanner detections:

13 / 68

Status:

Malware

Analysis date:

4/18/2024 7:01:51 AM UTC (today)

Scan engine

Detection

Engine version

AVG

HackTool

2015.0.3475

Baidu Antivirus

Trojan.Win32.HideRun

4.0.3.14514

Bkav FE

W32.Clodc2d.Trojan

1.3.0.4959

ESET NOD32

Win32/HideRun

8.9776

Fortinet FortiGate

Riskware/HideRun

5/14/2014

K7 AntiVirus

Trojan

13.177.12026

McAfee

Hiderun!2C91ECE140DB

5600.7131

Norman

HideRun.E

11.20140514

Sophos

HideRun

4.98

VIPRE Antivirus

HackTool.Win32.HideRun.GeN (not malicious)

29018

File size:

8.4 KB (8,568 bytes)

Compiled by Galapo

Original file name:

hiderun.exe

File type:

Executable application (Win32 EXE)

Language:

English (United Kingdom)

Digital Signature

Signed by:

Galapo

Authority:

Root Agency

Valid from:

5/6/2010 1:53:23 PM

Valid to:

1/1/2040 12:59:59 AM

Subject:

CN=Galapo

Issuer:

CN=Root Agency

Serial number:

643D723923FD97954205B828C90E271C

File PE Metadata

Compilation timestamp:

6/14/2010 12:09:22 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.56

CTPH (ssdeep):

96:8rMHEHClcH1eMrF+woHePKrNALLoYwzMI/eK/iEPcsQDhiuH:QMHEise++ALcYwzSK/iEP6DhiuH

Entry address:

0x1240

Entry point:

55, 89, E5, 83, EC, 08, C7, 04, 24, 02, 00, 00, 00, FF, 15, 20, 51, 40, 00, E8, A8, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 8B, 0D, 38, 51, 40, 00, 89, E5, 5D, FF, E1, 8D, 74, 26, 00, 55, 8B, 0D, 2C, 51, 40, 00, 89, E5, 5D, FF, E1, 90, 90, 90, 90, 55, 89, E5, 5D, E9, 07, 05, 00, 00, 90, 90, 90, 90, 90, 90, 90, 55, 89, E5, 81, EC, B8, 00, 00, 00, C7, 45, 94, 00, 00, 00, 00, C7, 45, 90, 00, 00, 00, 00, C6, 45, 8F, 20, E8, 90, 08, 00, 00, 89, 45, 88, 8B, 45, 88, 80, 38, 22, 75, 04, C6, 45, 8F, 22, 8D... 
[+]

Packer / compiler:

MingWin32 GCC, 0x3.x

Code size:

3.5 KB (3,584 bytes)

Remove hiderun_x86.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.