home

hpmmrcli.dll

HP RDP USB Redirector

Provision Networks, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘hpmmrcli’.
Publisher:
Hewlett-Packard Company  (signed by Provision Networks, Inc.)

Product:
HP RDP USB Redirector

Description:
Multimedia Redirection Client

Version:
6.0.16.0

MD5:
006ac7db3a3a10c4500055c06ec0f8de

SHA-1:
9be23c1d90a30c7b143f151f0b4e0821cabd72ad

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/3/2024 10:01:14 PM UTC  (today)

File size:
521.8 KB (534,352 bytes)

Product version:
6.0.16.0

Copyright:
© Copyright 2009 Hewlett-Packard Development Company, L.P.; © Copyright 2004-2009 Quest Software, Inc. All rights reserved.

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Windows\System32\hpmmrcli.dll

Digital Signature
Signed by:
Provision Networks, Inc.

Authority:
VeriSign, Inc.

Subject:
CN="Provision Networks, Inc.", OU=Information Technology, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Provision Networks, Inc.", L=Vienna, S=Virginia, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
39098730358471ACF1E0C75A7BE9E1D5

File PE Metadata
OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:7a8Xc15912hoijju/BwrIxwnhstELQL8PsFsPR/+:79c15912h9GqSGutELQL8Psux+

Entry address:
0x476F5

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, BA, 9D, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 44, 24, 08, 8B, 4C, 24, 10, 0B, C8, 8B, 4C, 24, 0C, 75, 09, 8B, 44, 24, 04, F7, E1, C2, 10, 00, 53, F7, E1, 8B, D8, 8B, 44, 24, 08, F7, 64, 24, 14, 03, D8, 8B, 44, 24, 08, F7, E1, 03, D3, 5B, C2, 10, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 83, 3D, 20, DB, 07, 10, 00, 74, 2D, 55, 8B, EC, 83, EC, 08, 83, E4, F8, DD, 1C, 24...
 
[+]

Entropy:
6.4647

Code size:
393 KB (402,432 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
hpmmrcli

Command:
C:\Windows\System32\rundll32 C:\Windows\System32\hpmmrcli.dll,registervirtualchannel


Scan hpmmrcli.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.