home

HMFAx.dll

Hide My Folders ActiveX control

redple

The module HMFAx.dll, “Hide My Folders ActiveX module” by redple has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Eltima Software  (signed by redple)

Product:
Hide My Folders ActiveX control

Description:
Hide My Folders ActiveX module

Version:
3.5.15.180

MD5:
7021123c31b3fe8014e1699fefae41e2

SHA-1:
137bee5b94b784c9135201064adcd64371fb7ff6

SHA-256:
e55d09e79a01721b11c9e31013d7485c3eaa554c1a125938f2bc9fe126501e1b

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 4:23:32 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.redple (M)
16.1.15.0

File size:
904.4 KB (926,088 bytes)

Product version:
3.5

Copyright:
(c) Eltima Software. All rights reserved.

Trademarks:
(c) Eltima Software. All rights reserved.

Original file name:
HMFAx.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Windows\System32\hmfax.dll

Digital Signature
Signed by:
redple

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
5/12/2010 9:00:00 AM

Valid to:
6/12/2011 8:59:59 AM

Subject:
CN=redple, O=redple, L=SEOUL, S=GYEONGGI-DO, C=KR

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
2753DC079C467EDDB3E2DA78A3F1219C

File PE Metadata
Compilation timestamp:
4/30/2008 11:41:32 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
83.82

CTPH (ssdeep):
12288:3525zquKNd5alW8gqbgrPwKwXVtrgCNE/1x6BnG0gSmk1eRy8Z:J25+uoP0JErwXVeCwxR2mm6Z

Entry address:
0x858CE

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, 36, 4A, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, ED, FE, FF, FF, 59, C2, 0C, 00, 6A, 0C, 68, 18, E1, 0A, 10, E8, 05, 2D, 00, 00, 8B, 4D, 08, 33, FF, 3B, CF, 76, 2E, 6A, E0, 58, 33, D2, F7, F1, 3B, 45, 0C, 1B, C0, 40, 75, 1F, E8, 8F, 15, 00, 00, C7, 00, 0C, 00, 00, 00, 57, 57, 57, 57, 57, E8, 20, 15, 00, 00, 83, C4, 14, 33, C0, E9, D5, 00, 00, 00, 0F, AF, 4D, 0C, 8B, F1, 89, 75, 08, 3B, F7, 75, 03, 33, F6, 46, 33, DB, 89, 5D, E4, 83, FE, E0, 77, 69, 83, 3D...
 
[+]

Entropy:
7.0876

Code size:
344 KB (352,256 bytes)

Remove HMFAx.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.