home

hmpalert.exe

HitmanPro.Alert

SurfRight B.V.

This is a setup program which is used to install the application. It runs as a separate (within the context of its own process) windows Service named “HitmanPro.Alert Service”. This is installed with HitmanPro.Alert. The file has been seen being downloaded from www.download.fi and multiple other hosts a known adware distribution point operated by AfterDawn.
Publisher:
SurfRight B.V.  (signed and verified)

Product:
HitmanPro.Alert

Version:
2.6.5.77

MD5:
2638395f6e61889d75c363a80a0e17f4

SHA-1:
72194db5e2208e6b29a47aa0079b9211224386d1

SHA-256:
d61fd993da6605f32e6cdac889285eb67f1a112bb9a294838bb90fcbf5fa11c1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 4:04:46 PM UTC  (today)

File size:
1.8 MB (1,876,816 bytes)

Product version:
2.6.5.77

Copyright:
© 2014 SurfRight B.V.

Original file name:
hmpalert.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\hitmanpro.alert\hmpalert.exe

Digital Signature
Signed by:
SurfRight B.V.

Authority:
VeriSign, Inc.

Valid from:
11/6/2012 1:00:00 AM

Valid to:
1/6/2016 12:59:59 AM

Subject:
CN=SurfRight B.V., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=SurfRight B.V., L=Hengelo, S=Overijssel, C=NL

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
34A8B19DC8071E4182FB27F9B7EC722A

File PE Metadata
Compilation timestamp:
4/8/2014 9:28:44 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
24576:hicdSOMMYocBQeRxDQLejx5RDicBsRfJ49F2qv4bicBeSf/sgg1hbEm:BNM9oRibRDi383veiZSm

Entry address:
0x32DAB

Entry point:
E8, A5, 6E, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, FF, 75, 0C, 6A, 00, FF, 75, 08, 68, F7, 4B, 43, 00, E8, 05, 00, 00, 00, 83, C4, 10, 5D, C3, 55, 8B, EC, 83, EC, 20, 57, 6A, 07, 33, D2, 8D, 7D, E4, 59, 33, C0, 89, 55, E0, F3, AB, 5F, 39, 45, 0C, 75, 15, E8, 56, 37, 00, 00, C7, 00, 16, 00, 00, 00, E8, 19, 1C, 00, 00, 83, C8, FF, EB, 27, FF, 75, 14, 8D, 45, E0, C7, 45, E4, FF, FF, FF, 7F, FF, 75, 10, C7, 45, EC, 42, 00, 00, 00, FF, 75, 0C, 89, 55, E8, 50, 89, 55, E0, FF, 55, 08, 83, C4, 10, 8B, E5, 5D, C3...
 
[+]

Packer / compiler:
PEQuake V0.06

Code size:
274.5 KB (281,088 bytes)

Service
Display name:
HitmanPro.Alert Service

Service name:
hmpalertsvc

Description:
Webbrowser indringerdetectie, real-time en forensisch gebaseerd, waakt voor digitale bankrovers en man-in-the-browser aanvallen.

Type:
Win32OwnProcess

Group:
PNP_TDI


The file hmpalert.exe has been discovered within the following programs.

HitmanPro.Alert  by SurfRight B.V.
Publisher's description - “HitmanPro.Alert is a free tool that checks the browser integrity and alerts users when secure online banking and shopping is no longer guaranteed. HitmanPro.Alert will instantly detect over 99% of all known and new banking Trojans.”
www.hitmanpro.com/alert
22% remove it
 
Powered by Should I Remove It?

The file hmpalert.exe has been seen being distributed by the following 10 URLs.

http://www.download.fi/.../download.cfm?version_id=83772&software_id=6754&mirror_id=0&installer=0&perion=0

http://updates.hitmanpro.com/hmpalert.exe

http://dl.surfright.nl/hmpalert265.exe

http://r2.computerbild.de/exec/r2r.pl?m=w-cobi;u=http://d.computerbild.de/downloads/.../hmpalert.exe

http://email.surfright.com/718/.../newsletter.asp?id=3731380D36340D3132320D323033323635310D3634360D300D5941657831363865424271640D310D0D300D313335383136340D372E352E322E31303139300D3132

http://dl.surfright.nl/hmpalert.vtsafe.exe

http://safe.pre-cloud.com:8080/vt.php?q=http://.../hmpalert.exe

http://dl.surfright.nl/hmpalert25.exe

http://external.comss.ru/url.php?url=http://.../hmpalert.exe

http://dl.surfright.nl/hmpalert.exe

Scan hmpalert.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.