» myroom_nv62s2xisn2u.exe
Overview
Analysis
File Details
Downloads (14)

myroom_nv62s2xisn2u.exe

Launch35

Hewlett-Packard Company

File name:

Publisher:

Hewlett-Packard Company (signed and verified)

Product:

Launch35

Version:

10.3.0.9020

MD5:

a71c610d82c66795ab8f4b151e7e05aa

SHA-1:

73e83a95d0f4ae33e33193ada7430ac1bbd5c65c

SHA-256:

bde39d937f5bed4a2b68af867acfc214eb4fe667c3dcd91213cc614570bd90e1

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/16/2024 6:10:05 PM UTC (today)

File size:

45.7 KB (46,792 bytes)

Product version:

10.3.0.9020

Original file name:

Launch.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\myroom_nv62s2xisn2u.exe

Digital Signature

Signed by:

Hewlett-Packard Company

Authority:

COMODO CA Limited

Valid from:

4/30/2015 8:00:00 AM

Valid to:

4/30/2016 7:59:59 AM

Subject:

CN=Hewlett-Packard Company, OU=HP Cyber Security, O=Hewlett-Packard Company, STREET=3000 Hanover Street, L=Palo Alto, S=CA, PostalCode=94304, C=US

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

50F7DCBC28D3D606376CA95DF9523B3B

File PE Metadata

Compilation timestamp:

1/29/2016 4:57:24 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

768:iGIR97StX+36wbUeVBm6SNW3DwKleLEMjQSuxJmBffBFrix:iGIR97StX+36wbbVBjSNW3h84EYxwXLG

Entry address:

0xAD3E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.1336

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

35.5 KB (36,352 bytes)

The file myroom_nv62s2xisn2u.exe has been seen being distributed by the following 14 URLs.

https://www.myroom.hpe.com/attend/.../mmwhh9nj-iur

https://www.myroom.hpe.com/Attend/.../v72cgn415z7p

https://www.myroom.hpe.com/Attend/.../gmqxlzgz2xek

https://www.myroom.hpe.com/attend/.../wjth8cq8g-02

https://www.myroom.hpe.com/attend/.../ng8d7y9iwvgr

https://www.myroom.hpe.com/attend/.../v8e7qr1ghaq7

https://www.myroom.hpe.com/attend/.../lfydep-tfu1u

https://www.myroom.hpe.com/attend/.../1ep62i5retu9

https://www.myroom.hpe.com/attend/.../phk1lolb02gs

https://www.myroom.hpe.com/attend/.../e7wrig7la7eh

https://www.myroom.hpe.com/attend/.../3iqfimrxpsj3

https://www.myroom.hpe.com/attend/.../57qn3pm58lmi

https://www.myroom.hpe.com/Attend/.../6tszt0s3hvyy

https://www.myroom.hpe.com/Attend/.../q2k2pr326jw9

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.