home

hw_v680.exe

Hex Workshop v6.8

BreakPoint Software, Inc.

This is a self-extracting archive and installer.
Publisher:
BreakPoint Software  (signed by BreakPoint Software, Inc.)

Product:
Hex Workshop v6.8

Description:
Hex Workshop v6.8 Installer

Version:
6.8.0.5419

MD5:
d21b000da44bef88bd6a9bedba70784b

SHA-1:
7d7e2900d3a76555891c15765bc1b50354f5d46b

SHA-256:
1da684c1bbd335e96f6727165470f6850cf024432db1aca209dc64ff2fbeee55

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 10:34:55 PM UTC  (today)

File size:
18 MB (18,864,464 bytes)

Product version:
6.8.0.5419

Copyright:
Copyright (C) BreakPoint Software

Original file name:
hw_v6.8.0.5419.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
BreakPoint Software, Inc.

Authority:
Thawte, Inc.

Valid from:
10/17/2013 2:00:00 AM

Valid to:
10/18/2015 1:59:59 AM

Subject:
CN="BreakPoint Software, Inc.", OU=SECURE APPLICATION DEVELOPMENT, O="BreakPoint Software, Inc.", L=Wayland, S=Massachusetts, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
0AC3CF34686D1BFF5FC6519BD737B0C5

File PE Metadata
Compilation timestamp:
7/27/2011 10:18:51 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
393216:gk3b6MNKAjkyhc7NfTxPrTWixhjGcUwXWck0TqnX9yqpEBGzyauKtgSqK9O5D7pd:pb7NKAQyuJFjTWijJVJk0TK8qpEBGzy/

Entry address:
0x2C6FE

Entry point:
E8, 8F, 91, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 10, 53, 56, FF, 75, 10, 8D, 4D, F0, E8, 89, FA, FF, FF, 8B, 5D, 08, 33, F6, 3B, DE, 75, 2F, E8, 3B, 2B, 00, 00, 56, 56, 56, 56, 56, C7, 00, 16, 00, 00, 00, E8, C3, 2A, 00, 00, 83, C4, 14, 80, 7D, FC, 00, 74, 07, 8B, 45, F8, 83, 60, 70, FD, B8, FF, FF, FF, 7F, E9, C0, 00, 00, 00, 57, 8B, 7D, 0C, 3B, FE, 75, 2F, E8, 04, 2B, 00, 00, 56, 56, 56, 56, 56, C7, 00, 16, 00, 00, 00, E8, 8C, 2A, 00, 00, 83, C4, 14, 80, 7D, FC, 00, 74, 07, 8B, 45, F8...
 
[+]

Entropy:
7.9957  (probably packed)

Code size:
247 KB (252,928 bytes)

The file hw_v680.exe has been seen being distributed by the following 14 URLs.

&onid=2352&oid=3001-2352_4-10004918&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=developers/editors&topicbrcrm=&pid=13810978&mfgid=52461&merid=52461&ctype=dm&cval=NONE&devicetype=<!--esidesktop&pguid=f6e47679687ee201c9be5743&viewguid=hVG1WLaGC89njtLUsDq4oeVWpmyXOLe8-J6d&destUrl=http://files.downloadnow.com/s/software/13/81/09/.../hw_v680.exe

&onid=2352&oid=3001-2352_4-10004918&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=developers/editors&topicbrcrm=&pid=13810978&mfgid=52461&merid=52461&ctype=dm&cval=NONE&devicetype=<!--esidesktop&pguid=5c03a297e9d4d884c10b80d7&viewguid=f5c7jejlKy2Nslq@F2m1OqH4yl4zH@jjRfWP&destUrl=http://files.downloadnow.com/s/software/13/81/09/.../hw_v680.exe

https://mega.nz/temporary/.../O5JVCAQQ

http://download.findmysoft.com/2014/09/.../Hex-Workshop_6.8.0.exe

https://downloader.disk.yandex.com.tr/disk/0acfde336e4a2281ded13c785d87f83ca6967c8bddc9b949864d666f42f62beb/5808d1ef/TkhwTmUXNdoYsol5EgBrikOWRJhJJcCcKrU0GeQqFYVrXM8WP3dfue_Wc0v_ibdh_TuRi2c3DygnyAexLCSWkg==?uid=0&filename=hw_v680.exe&disposition=attachment&hash=DTpqrNVIGdws/.../x-msdownload&fsize=18864464&hid=0e5f501886cb4a84be3e99308fa4a2eb&media_type=executable&tknv=v2

https://zima5h.storage.yandex.net/rdisk/fa5bffa93276969160130e3bb8109f1574d8eed458b4fe8e69bf4d5e2ce59c60/57da06d9/TkhwTmUXNdoYsol5EgBrikOWRJhJJcCcKrU0GeQqFYVrXM8WP3dfue_Wc0v_ibdh_TuRi2c3DygnyAexLCSWkg==?uid=0&filename=hw_v680.exe&disposition=attachment&hash=DTpqrNVIGdws/.../x-msdownload&fsize=18864464&hid=0e5f501886cb4a84be3e99308fa4a2eb&media_type=executable&tknv=v2&rtoken=ri6Y8KT39Xs7&force_default=no&ycrid=na-f7dc78ef87dea94e6e99d5f16116a690-downloader14e

https://mega.nz/persistent/.../O5JVCAQQ

ftp://ftp.bpsoft.com/.../hw_v680.exe

http://lb.cdn.m6web.fr/d/c/a/24e16eaf313a7099544d1994daf3a7e4/567ad872/soft/.../hex-workshop_6-8-0_en_57002.exe

http://files.downloadnow-2.com/s/software/13/81/09/.../hw_v680.exe

http://www.bpsoft.com/.../hw_v680.exe

http://files.downloadnow.com/s/software/13/81/09/.../hw_v680.exe

&onid=2352&oid=3001-2352_4-10004918&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=developers/editors&topicbrcrm=windows software&pid=13810978&mfgid=52461&merid=52461&ctype=dm&cval=NONE&devicetype=desktop&pguid=971da03e7c403bdfe64fd3a1&viewguid=SMLTw1zSo8PsjQD0fNlEmUaocX0em5LroBAa&destUrl=http://software-files-a.cnet.com/s/software/13/81/09/.../hw_v680.exe

http://software-files-a.cnet.com/s/software/13/81/09/.../hw_v680.exe

Scan hw_v680.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.