home

howcodecapp.exe

HOW SOFT

The application howcodecapp.exe by HOW SOFT has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
HOW SOFT  (signed and verified)

Description:
HowcodecSetupapp

Version:
2013.7.15.1

MD5:
8516f9895403abdc29c9260de203e1ca

SHA-1:
c6514b9a10e8e8dacc97adfa867169166505191e

SHA-256:
733e15de04b74a80c3e74baf965976233696d546795de47d4b537016bb95805d

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/26/2024 8:05:52 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Hue Communication (M)
16.10.23.20

File size:
534 KB (546,848 bytes)

Product version:
2013.7.15.1

Copyright:
copyright(c) 2009 by howcodec all right reserved

Original file name:
howcodecsetup

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\goodfile\fileget\howcodecapp.exe

Digital Signature
Signed by:
HOW SOFT

Authority:
Thawte, Inc.

Valid from:
1/31/2013 9:00:00 AM

Valid to:
3/3/2015 8:59:59 AM

Subject:
CN=HOW SOFT, OU=IT Team, O=HOW SOFT, L=Guro-gu, S=SEOUL, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
7BA3F775C5D05768F56F97039538592C

File PE Metadata
Compilation timestamp:
7/15/2013 8:02:24 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:mTYofSZp4FJRfxOcfVwEJ8OCJrWmfEBtRawZUCd/B:JcSMJ5RfVwEJCJWmf8tUwjd

Entry address:
0x71948

Entry point:
55, 8B, EC, 83, C4, F0, B8, 18, 02, 47, 00, E8, 60, 52, F9, FF, A1, 7C, 43, 47, 00, 8B, 00, E8, 5C, 3B, FE, FF, A1, 7C, 43, 47, 00, 8B, 00, B2, 01, E8, 36, 59, FE, FF, 8B, 0D, 08, 45, 47, 00, A1, 7C, 43, 47, 00, 8B, 00, 8B, 15, A4, FC, 46, 00, E8, 4E, 3B, FE, FF, A1, 7C, 43, 47, 00, 8B, 00, E8, 7A, 3C, FE, FF, E8, 51, 2F, F9, FF, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.5882

Developed / compiled with:
Microsoft Visual C++

Code size:
448 KB (458,752 bytes)

Remove howcodecapp.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.