» howcodecopen.exe
Overview
Analysis
File Details

howcodecopen.exe

HOW SOFT

The application howcodecopen.exe by HOW SOFT has been detected as a potentially unwanted program by 29 anti-malware scanners.

File name:

howcodecopen.exe

Publisher:

(주)하우소프트 (signed by HOW SOFT)

Description:

howcodecopen

Version:

2013.11.11.2

MD5:

25f0a24765392181924118bf5b981a8f

SHA-1:

e04e923be217d0661b690f87e01d40f56b8c33ed

Scanner detections:

29 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 5:45:48 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.1636294

699

Agnitum Outpost

Trojan.Graftor

7.1.1

AhnLab V3 Security

PUP/Win32.HowCodec

2015.02.12

avast!

Win32:HowSoft-A [PUP]

2014.9-150307

AVG

Generic10_c

2016.0.3177

Bitdefender

Trojan.GenericKD.1636294

1.0.20.330

Comodo Security

TrojWare.Win32.Umal.~A

21042

Dr.Web

Trojan.PWS.Banker1.12323

9.0.1.066

Emsisoft Anti-Malware

Trojan.GenericKD.1636294

8.15.03.07.10

ESET NOD32

Win32/TrojanDownloader.Delf.AEV

9.11160

Fortinet FortiGate

W32/Delf.IABM!tr.dldr

3/7/2015

F-Secure

Trojan.GenericKD.1636294

11.2015-07-03_7

G Data

Trojan.GenericKD.1636294

15.3.25

IKARUS anti.virus

Trojan-Dropper.Delf

t3scan.1.8.6.0

K7 AntiVirus

Trojan-Downloader

13.194.14941

Kaspersky

Trojan-Downloader.Win32.Delf

14.0.0.2380

McAfee

Artemis!25F0A2476539

5600.6833

MicroWorld eScan

Trojan.GenericKD.1636294

16.0.0.198

NANO AntiVirus

Trojan.Win32.Banker1.cqrwsg

0.30.0.65070

nProtect

Trojan-Downloader/W32.Agent.995360

15.02.11.01

Qihoo 360 Security

Trojan.Generic

1.0.0.1015

Quick Heal

TrojanDownloader.Delf.rc

3.15.14.00

Reason Heuristics

PUP.Hue Communication

15.3.7.23

Sophos

Mal/Generic-S

4.98

Trend Micro House Call

TROJ_DELF.SXM

7.2.66

Trend Micro

TROJ_DELF.SXM

10.465.07

Vba32 AntiVirus

TrojanDownloader.Delf

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Generic

37450

Zillya! Antivirus

Downloader.Delf.Win32.40956

2.0.0.2062

File size:

972 KB (995,360 bytes)

Product version:

2013.11.11.2

Original file name:

howcodecopen.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\howcodec\up\howcodecopen.exe

Digital Signature

Signed by:

HOW SOFT

Authority:

Thawte, Inc.

Valid from:

1/31/2013 9:00:00 AM

Valid to:

3/3/2015 8:59:59 AM

Subject:

CN=HOW SOFT, OU=IT Team, O=HOW SOFT, L=Guro-gu, S=SEOUL, C=KR

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

7BA3F775C5D05768F56F97039538592C

File PE Metadata

Compilation timestamp:

11/11/2013 8:25:24 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:JGuDbPYuyQ7rDcLCDIh2c3JaxVy+hO81nRxAC7kedA:Jh/YuhDKmIt3Jafy+hO8NRxAYR

Entry address:

0x360001

Entry point:

60, E8, 03, 00, 00, 00, E9, EB, 04, 5D, 45, 55, C3, E8, 01, 00, 00, 00, EB, 5D, BB, ED, FF, FF, FF, 03, DD, 81, EB, 00, 00, 36, 00, 83, BD, 88, 04, 00, 00, 00, 89, 9D, 88, 04, 00, 00, 0F, 85, CB, 03, 00, 00, 8D, 85, 94, 04, 00, 00, 50, FF, 95, A9, 0F, 00, 00, 89, 85, 8C, 04, 00, 00, 8B, F0, 8D, 7D, 51, 57, 56, FF, 95, A5, 0F, 00, 00, AB, B0, 00, AE, 75, FD, 38, 07, 75, EE, 8D, 45, 7A, FF, E0, 56, 69, 72, 74, 75, 61, 6C, 41, 6C, 6C, 6F, 63, 00, 56, 69, 72, 74, 75, 61, 6C, 46, 72, 65, 65, 00, 56, 69, 72, 74... 
[+]

Entropy:

7.9800

Packer / compiler:

ASPack v2.12

Code size:

2.6 MB (2,757,632 bytes)

Remove howcodecopen.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.