» holdeq.exe
Overview
Analysis
File Details
Programs (1)

holdeq.exe

Flopzilla

StoxEV

File name:

holdeq.exe

Publisher:

StoxEV (signed and verified)

Product:

Flopzilla

Version:

1, 0, 8, 0

MD5:

a93cacccdc381e1917336f073ce8b9eb

SHA-1:

e3980aea580ca733e889d3ce7fea9320f5306b77

SHA-256:

2c69a058e14ead9af941f3ca17823fab30cfc6722a3b249ef4095d4c360e001c

Scanner detections:

4 / 68

Status:

Clean (4 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/19/2024 6:04:08 AM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

HW32.Packed

1.3.0.6979

NANO AntiVirus

Trojan.Win32.XPACK.dowldt

0.30.24.2668

Qihoo 360 Security

HEUR/QVM19.1.Malware.Gen

1.0.0.1015

Sophos

Mal/EncPk-ABFU

4.98

File size:

4.7 MB (4,885,768 bytes)

Product version:

1, 0, 8, 0

Original file name:

Flopzilla.EXE

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\holdeq\holdeq\holdeq.exe

Digital Signature

Signed by:

StoxEV

Authority:

COMODO CA Limited

Valid from:

4/9/2013 8:00:00 PM

Valid to:

4/9/2016 7:59:59 PM

Subject:

CN=StoxEV, O=StoxEV, STREET=Kolfstraat 123, L=Purmerend, S=Noord-Holland, PostalCode=1442 TC, C=NL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

5F83937A75060E85F04E3413233DFE4E

File PE Metadata

Compilation timestamp:

2/25/2015 7:44:08 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

98304:fphF0kApJjZv5VYhTjhq8hnxI/3jg4Y2AuNykp:l9AzZDknoTLdZp

Entry address:

0x1F400

Entry point:

56, 50, 51, B9, 92, 39, BD, 7B, 50, B8, 92, 39, BD, 7B, 31, C1, 58, 89, C8, 59, 89, 44, 24, 04, 8B, 04, 24, 81, C4, 04, 00, 00, 00, 53, 89, E3, 81, C3, 04, 00, 00, 00, 83, EB, 04, 53, FF, 74, 24, 04, 5B, 8F, 04, 24, 5C, 89, 0C, 24, C7, 04, 24, 4B, 6B, 7E, 7F, C1, 24, 24, 04, 81, 34, 24, B1, B4, E6, F7, 55, C7, 04, 24, BB, B7, 7E, 7B, 57, 89, 0C, 24, B9, BB, B7, 3E, 7B, 29, 4C, 24, 04, 8B, 0C, 24, 81, C4, 04, 00, 00, 00, 68, 00, F0, 00, 01, E9, 00, 04, 00, 00, 04, 22, 00, 00, 00, 00, 00, 00, C6, 21, 00, 00... 
[+]

Entropy:

7.8716 (probably packed)

Code size:

220 KB (225,280 bytes)

The file holdeq.exe has been discovered within the following program.

HoldEq by HoldEq

About 7% of users remove it

Scan holdeq.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.