» HJTInstall.exe
Overview
Analysis
File Details
Programs (1)
Downloads (33)

HJTInstall.exe

HijackThis

Trend Micro, Inc.

File name:

HJTInstall.exe

Publisher:

Trend Micro Inc. (signed by Trend Micro, Inc.)

Product:

HijackThis

Version:

2.00.2

MD5:

ab1c4deab684b0d883cfaa82c7bc6d19

SHA-1:

2cff1effdd174e7e2dcc24f93a17f782d40380e3

SHA-256:

132280692b44037d2205281a490525ac1ecba5499087dec2506d5eca07851b35

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/19/2024 5:19:19 AM UTC (today)

File size:

793.3 KB (812,344 bytes)

Product version:

2.00.2

Original file name:

HJTInstall.exe

File type:

Executable application (Win32 EXE)

Digital Signature

Signed by:

Trend Micro, Inc.

Authority:

VeriSign, Inc.

Valid from:

1/30/2007 8:00:00 AM

Valid to:

2/16/2008 7:59:59 AM

Subject:

CN="Trend Micro, Inc.", OU=RD, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Trend Micro, Inc.", L=Taipei, S=Taiwan, C=TW

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

225C8B52640584163EC1835017DED781

File PE Metadata

Compilation timestamp:

6/8/2007 1:00:02 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

12288:vIUg34Nd57QOyFO9CjUSbEAVG95YnNsr2ytL2cc3Gr1X3:BNdZH2pUmEEsunNsr2y2

Entry address:

0x1FAC9

Entry point:

E8, B5, 9B, 00, 00, E9, 16, FE, FF, FF, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 2C, 35, 44, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 2C, 35, 44, 00, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B... 
[+]

Entropy:

6.8279

Code size:

208 KB (212,992 bytes)

The file HJTInstall.exe has been discovered within the following program.

SketchUp 8 by Trimble Navigation Limited

Publisher's description - “Redecorate your living room. Invent a new piece of furniture. Model your city for Google Earth. There's no limit to what you can create with SketchUp.”

www.sketchup.com/intl/en/product/gsu.html

9% remove it

The file HJTInstall.exe has been seen being distributed by the following 33 URLs.

https://test.trendsecure.com/portal/en-US/.../HJTInstall.exe

http://www.pc-magazin.de/filedownload/documents/.../HJTInstall.exe

http://i.download.idg.pl/fannef/4e3637d0d368bcaae5ba29d452d57726/58801553//zx/vol2/w95/inetutils/.../HJTInstall.exe

http://i.download.idg.pl/fannef/888d330b7080f5fce7bf0bf2e14acbc6/57bc93cd//zx/vol2/w95/inetutils/.../HJTInstall.exe

http://i.download.idg.pl/fannef/bbe5769b4a650eca0e2c57d3cc7ec4a3/57fe4773//zx/vol2/w95/inetutils/.../HJTInstall.exe

http://i.download.idg.pl/fannef/ebca7e6916e8bf21b2b162b7a96f8ad5/56df6fc2//zx/vol2/w95/inetutils/.../HJTInstall.exe

http://downloads.ziddu.com/downloadfiles/.../HJTInstall.exe

http://i.download.idg.pl/fannef/0a2cd7d7bc8fe0cb2b80edbf59255fe4/57702749//zx/vol2/w95/inetutils/.../HJTInstall.exe

http://i.download.idg.pl/fannef/b077bd80ee9e617726e098476ccb84d0/57c4b29c//zx/vol2/w95/inetutils/.../HJTInstall.exe

http://i.download.idg.pl/fannef/0a31d4e767ce191f3e61241c3c34a7b3/57ac2cf2//zx/vol2/w95/inetutils/.../HJTInstall.exe

http://www.bright.net/.../HJTInstall.exe

http://i.download.idg.pl/fannef/1090d7ae54f6827141f6203d1fe18afc/565c6fac//zx/vol2/w95/inetutils/.../HJTInstall.exe

http://i.download.idg.pl/fannef/4ddb4fd4fac377550d57096b2b8af581/58274b3e//zx/vol2/w95/inetutils/.../HJTInstall.exe

http://i.download.idg.pl/fannef/1563625d02b67dae98780bee8c5c1375/56d1c97f//zx/vol2/w95/inetutils/.../HJTInstall.exe

http://i.download.idg.pl/fannef/ff69cf1c147960c1de9cac885cf58674/56f67a56//zx/vol2/w95/inetutils/.../HJTInstall.exe

http://s10013.chomikuj.pl/File.aspx?e=LSU7ueepOUd2vwMaYuq0On4IGRzoRDga4NVOC2TELc9lv92rK2Q3U2Nk2_hg9mp7JE1pXRGtQ_8VtxkuqB4vjoPiyONYnvCWAFS0xvcmbTXrjvUZnn1Dbrg2XB3nhTEM3L7uJSIaQuVZl68Gy8VQnQ&pv=2

http://i.download.idg.pl/fannef/d4955ad1e21d7cb90ff664967452e03a/5671c4c0//zx/vol2/w95/inetutils/.../HJTInstall.exe

http://i.download.idg.pl/fannef/88a878729b889acbfc896e21e09c79c4/566bcb0d//zx/vol2/w95/inetutils/.../HJTInstall.exe

http://i.download.idg.pl/fannef/7fc3981660f06e9d381fc16f1b68d7ec/56fe21c6//zx/vol2/w95/inetutils/.../HJTInstall.exe

http://i.download.idg.pl/fannef/923f3fd530dfd8ed4aa4b7ee57d0a5b4/56bdb347//zx/vol2/w95/inetutils/.../HJTInstall.exe

http://www.filehippo.com/download/file/.../

http://s10013.chomikuj.pl/File.aspx?e=LSU7ueepOUd2vwMaYuq0OqvMtVdUzFyXXNxHsmPAmxzvMedTM2u2-9qEm8Zn-Yo1aeyZOncvhMGnCHwBtf0u8lWHClsa53VUgrGyDVc89bilNc-W2RBBg2sR1ttR8BFedTo9npPDWKxFlOjBjI4Jiw&pv=2

http://downloads.hotdownloads.ru/.../HJTInstall.exe

http://www.filehippo.com/download/file/.../

http://www.whatthetech.com/.../HJTInstall.exe

http://fs30.filehippo.com/4938/.../HJTInstall.exe

http://www.commentcamarche.net/download/.../telecharger-159-hijackthis

http://software-files-l.cnet.com/s/software/10/78/13/.../HJTInstall.exe

Latest 30 of 33 download URLs

Scan HJTInstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.