hyped.exe

Hyped

The application hyped.exe has been detected as a potentially unwanted program by 2 anti-malware scanners. It runs as a Windows Task Scheduler task named 35765925, triggered to execute each time a user logs in. While running, it connects to the Internet address static.hosted-by.miamidedicated.com on port 80 using the HTTP protocol.
Publisher:
Hyped

Product:
Hyped

Version:
7.8.3.192

MD5:
ecbc15051f9a2980ae85e43420456e28

SHA-1:
012cea8188320f03c75fc2813399c30a6256d4c1

SHA-256:
b880bf9fea6e2e2df6d0bd7b4a9fb51f351dc045c851d7fac9b6dab592e5803a

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
5/4/2024 7:57:01 PM UTC

Scan engine | Detection | Engine version
ESET NOD32 | MSIL/Adware.Dotdo.AP application | 6.3.12010.0
Reason Heuristics | Adware.Dotdo.ET (M) | 17.2.28.7

File size:
11 KB (11,264 bytes)

Product version:
7.8.3.192

Copyright:
Copyright © Hyped 2017

Trademarks:
© 2017 Hyped

Original file name:
hyped.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\hyped.exe

File PE Metadata
Compilation timestamp:
2/13/2017 9:55:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

Entry address:
0x404E


Entropy:
4.0439

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
8.5 KB (8,704 bytes)

Scheduled Task
Task name:
35765925

Trigger:
Logon (Runs on logon)

Description:
3576592535765925


The executing file has been seen to make the following network communications in live environments.

