home

setup_htsremote.exe

National Tax Service

Publisher:
National Tax Service  (signed and verified)

MD5:
5b81c4bba84f95b5ecff43f4d4bca42e

SHA-1:
97a2ce24e6e22c04eb965c0119f7f79de1828258

SHA-256:
802019f22aaeb448c3033c2cb0c986646a455ed70f070474ecc957aa6d5805f0

Scanner detections:
6 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/26/2024 10:14:20 PM UTC  (today)

Scan engine
Detection
Engine version

Comodo Security
UnclassifiedMalware
17967

Malwarebytes
Spyware.Passwords
v2016.09.09.05

McAfee
GenericTRA-AG!5B81C4BBA84F
5600.6281

Trend Micro House Call
PAK_Generic.001
7.2.253

Trend Micro
PAK_Generic.001
10.465.09

VIPRE Antivirus
Trojan.Win32.Generic
27596

File size:
744.1 KB (762,008 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\setup_htsremote.exe

Digital Signature
Signed by:
National Tax Service

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
9/16/2009 9:00:00 AM

Valid to:
10/17/2011 8:59:59 AM

Subject:
CN=National Tax Service, O=National Tax Service, L=SEOUL, S=GYEONGGI-DO, C=KR

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
1501719B42978B998F7B743C88C6E883

File PE Metadata
Compilation timestamp:
6/20/1992 7:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:v0CGrBaGVYNkUOvbIgUxYH2rDbtrUKubai2ti5Nxpc2IH5ltS5+GPul3cfN0:v0LcGMyblUxY2pu91W2IZltSUSm

Entry address:
0x11001

Entry point:
60, E8, 02, 00, 00, 00, EB, 09, 5D, 55, 81, ED, 39, 39, 44, 00, C3, E9, 59, 04, 00, 00, E9, 1F, 04, 00, 01, EB, 00, BB, 31, 39, 44, 00, 04, DD, 2B, 9D, FD, 3F, 44, 00, 84, BD, 28, 4A, 45, 00, 00, 89, 9E, 28, 4A, 44, 01, 0F, 85, 62, 04, 00, 00, C7, 86, 43, 39, 44, 01, 00, 00, 00, 01, 8D, 85, 30, 4B, 44, 00, 50, 00, 96, 2C, 4B, 45, 00, 89, 85, 2D, 4A, 44, 00, 8C, F8, 8D, 9D, 3E, 4A, 44, 00, 54, 50, FF, 95, 29, 4B, 44, 00, 8A, 85, 28, 40, 45, 00, 8D, 9D, 4B, 4A, 44, 00, 54, 57, FF, 95, 29, 4B, 44, 00, 8A, 85...
 
[+]

Entropy:
7.9880

Packer / compiler:
ASPack v2.11c

Code size:
28.5 KB (29,184 bytes)

Scan setup_htsremote.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.