» sp67743.exe
Overview
Analysis
File Details
Downloads (7)

sp67743.exe

HP CoolSense

Hewlett-Packard Company

This is a setup program which is used to install the application.

File name:

sp67743.exe

Publisher:

Hewlett-Packard Company (signed by Hewlett-Packard Company)

Product:

HP CoolSense

Version:

2.20.41

MD5:

3e7cd31e6b0f7b60be5ba85ef3676aad

SHA-1:

409029317d203b69956c9bdba26a8a2505558635

SHA-256:

46c9b587f8892982694cd55a0e134c982c50e1cdfcde5bafdf18c27785c916f2

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 11:43:18 AM UTC (today)

File size:

9.4 MB (9,818,760 bytes)

Product version:

2.20.41

Original file name:

stub32i.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\sp67743.exe

Digital Signature

Signed by:

Hewlett-Packard Company

Authority:

VeriSign, Inc.

Valid from:

5/9/2013 5:00:00 PM

Valid to:

6/8/2016 4:59:59 PM

Subject:

CN=Hewlett-Packard Company, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Hewlett-Packard Company, L=Andover, S=Massachusetts, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

04D86E77D3018D9F669CB19B50ED6EBF

File PE Metadata

Compilation timestamp:

8/29/2001 2:22:49 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

196608:Yche3VdSTfFbKifJMneTe8KqEzLbf2osWYZ6mWKkP5:Yche3GTZBMAeqwf2JTZMP5

Entry address:

0x8927

Entry point:

55, 8B, EC, 6A, FF, 68, 18, 33, 41, 00, 68, 60, BA, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, E8, 31, 41, 00, 33, D2, 8A, D4, 89, 15, 5C, 63, 41, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 58, 63, 41, 00, C1, E1, 08, 03, CA, 89, 0D, 54, 63, 41, 00, C1, E8, 10, A3, 50, 63, 41, 00, 33, F6, 56, E8, E0, 00, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, 11, 2F, 00, 00, FF, 15, EC, 31, 41, 00, A3, 24, 8A, 41, 00, E8... 
[+]

Entropy:

7.9973

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

72 KB (73,728 bytes)

The file sp67743.exe has been seen being distributed by the following 7 URLs.

temp:sp67743.exe

https://dl.boxcloud.com/d/.../Cz7BarTGimNOb04XarvZS7_-BxYFIRZKUrsoRCyVVfHjNY6SNr4WuKWi-XXyuz9nUWxgYZAAU7RpXBDXfHMIU3PDiT_S7EdEWW2XhpxYij_TFlhDuSNT528xHFjrsXl9jnDY6OxWTANL4m0veZSar6RI1DXYPO2fqXtGysFpXPV-nciPVGbeG6_2XtpFrDmLgPDiMBQ5Ara6xqvngu_hTnZMG3YMTRLs-weyBgjUKiV48Dzf33CmbhhKHqNovrULOEh-2-osrsUmzVbjP1NH_wHAT9AAr_t4eeB4DwH3MJrhaujRmqj-tDkZ8lPEdLIMQZveYRQtqcYpSaA6_Vuq-tlxCck2PTVCp3M7USZyW26NAR3SOsD-sRQzrGliIXi81qvDdj3xLki1EyWVfRf_QFwIpzoDIJ71ayj6oOuMYxbsjP3mXuOaCrw2IJLgJoGj-uCIRUXMVzYApDOj5wCQRcY8J49hbHx_ioG_fuI2gfO1fxMo-QbYQWEMpueJ9saWyP1QUjwzavDzCuQ9VPFQEuYz5O1HTZj3EsYckJBD0W91X_YmVVOPDsboaB6znH8BVT-M9U81NsZqQZG24jUh5D5pd_dYGDyDE9C5u30mOk-xEou4YnUMhB9G-XIokkwfBrL320lgqYnIPw-Wijw0qn1clzG9ki8F8_izA_ij7iaxGwk0-QljJXRqbbbBw6hjsCXaprM834bOElZcmjjDAsOUZFLTW6owah9ySgc_dk0XOfp2vZ2sM9d4ubmz113yQ_vF6z5lFsXZwot7BkkSrdI5uc2SoyJvjUpmrej9pdXXWyXqFJ5TuhvSdtN7MBHTR71ejC2a6K3sbMfYC5cPvD3gj2LbpdRs0drQabEjGyM1gzpLUBVAbgNscGLQdSKmALjVhGBFmClgrOyD5SJXKA1qIaWIuW8US-BzLolTdHR_LPqKiL9cPbmHLMIOg7YjAhQSHrhL_nfi

https://d3.driverscollection.com/2ecbf4c7181741/5b420d734cb993996486a2402033bc142defdca1578fb304124fd42dbfe16c900945e62ef13b9ff5d7f002bba8771483580decf5/4/80/43/.../sp67743.exe

https://d3.driverscollection.com/4ad119b27da75/66263c4c68a6da0fc7e48eb96ed38ae349df80d2df9634b9f80d54904a567f5835e08530746ce4fddc07227e24dc556358353b7f/4/80/43/.../sp67743.exe

https://app.box.com/index.php?rm=box_download_shared_file&shared_name=cv9st3jkgxvkmeri6znbmcxi064rg6k3&file_id=f_41182943794

http://hp-coolsense.software.informer.com/.../

http://ftp.hp.com/pub/softpaq/.../sp67743.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.