home

hss-4.20.0-nodrv-update.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from mydati.com.
MD5:
399e6ecb350c5d5ddf4bf99c7c4aa1de

SHA-1:
48ee7deb45a72f1cedf08720dd7a62a69d5d6a82

SHA-256:
9d518b09d4502ee2dd4a148b088176088d1d8569c0a229a4243f1f00ce88c36a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 1:05:40 AM UTC  (today)

File size:
9.4 MB (9,808,260 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\hss-4.20.0-nodrv-update.exe

File PE Metadata
Compilation timestamp:
6/26/2015 4:37:46 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
12.0

CTPH (ssdeep):
196608:IJBWo2BR52R9weFjlzpNWlTV2vsIeX5vopr6wfWNoJySPHnlN5NRfTA:IJ0okj2rweFjlFNacvxcNwrzuNoJySHS

Entry address:
0x6968

Entry point:
E8, FD, 48, 00, 00, E9, 7B, FE, FF, FF, 55, 8B, EC, 83, EC, 10, EB, 0D, FF, 75, 08, E8, B3, 4A, 00, 00, 59, 85, C0, 74, 11, FF, 75, 08, E8, 14, 4A, 00, 00, 59, 85, C0, 74, E6, 8B, E5, 5D, C3, 6A, 01, 8D, 45, FC, C7, 45, FC, F4, CF, 41, 00, 50, 8D, 4D, F0, E8, 5D, 00, 00, 00, 68, 1C, E6, 41, 00, 8D, 45, F0, C7, 45, F0, 48, 73, 41, 00, 50, E8, A6, 4A, 00, 00, CC, FF, 35, 38, 2A, 42, 00, FF, 15, 3C, 70, 41, 00, 85, C0, 74, 02, FF, D0, 6A, 01, 6A, 00, E8, ED, 4A, 00, 00, 59, 59, E9, 05, 4B, 00, 00, 55, 8B, EC...
 
[+]

Entropy:
7.9893  (probably packed)

Code size:
85 KB (87,040 bytes)

The file hss-4.20.0-nodrv-update.exe has been seen being distributed by the following URL.

http://mydati.com/download/.../HSS-4.20.0-nodrv-update.exe

Scan hss-4.20.0-nodrv-update.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.