home

vhui64.exe

VirtualHere Client For Windows

VirtualHere Pty. Ltd.

Publisher:
VirtualHere Pty. Ltd.  (signed and verified)

Product:
VirtualHere Client For Windows

Description:
VirtualHere USB Sharing

Version:
3.8.4

MD5:
3d4d6307fe038a55f3cfb6fd36f051ae

SHA-1:
4e93b0d98c5eaa49072fa9a23bbe5b0bf779ebd9

SHA-256:
ce713a717e4acb33cadc19279dd00b6b23015f3c6820d1020af235a93baa8a04

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/13/2024 7:10:36 AM UTC  (today)

File size:
20.1 MB (21,076,104 bytes)

Product version:
3.8.4

Copyright:
VirtualHere Pty. Ltd.

Original file name:
vhui64.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\vhui64.exe

Digital Signature
Signed by:
VirtualHere Pty. Ltd.

Authority:
DigiCert Inc

Valid from:
11/10/2014 7:00:00 PM

Valid to:
1/17/2018 7:00:00 AM

Subject:
CN=VirtualHere Pty. Ltd., O=VirtualHere Pty. Ltd., L=Manly, S=New South Wales, C=AU

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0C5F956BCE16D66A70F60E2819AF50CE

File PE Metadata
Compilation timestamp:
11/21/2016 4:15:03 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
2.27

CTPH (ssdeep):
196608:0VU6e6lObCkvsneqAI4ZHBSrYOee3OnEBDcbNsLy9Gs8o5oMa2+wwYmdSI0zzJRY:0O6eOkvsneHBtILO0oad2ISPY

Entry address:
0x14D0

Entry point:
48, 83, EC, 28, 48, 8B, 05, 75, 34, 1E, 01, C7, 00, 01, 00, 00, 00, E8, AA, D4, 80, 00, E8, C5, FC, FF, FF, 90, 90, 48, 83, C4, 28, C3, 0F, 1F, 40, 00, 66, 2E, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 83, EC, 28, 48, 8B, 05, 45, 34, 1E, 01, C7, 00, 00, 00, 00, 00, E8, 7A, D4, 80, 00, E8, 95, FC, FF, FF, 90, 90, 48, 83, C4, 28, C3, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 55, 48, 89, E5, 5D, C3, 66, 2E, 0F, 1F, 84, 00, 00, 00, 00, 00, 55, 48, 89, E5, 48, 83, EC, 20, 48, 83, 3D, E0, 84, F3, 00, 00...
 
[+]

Entropy:
6.8345

Code size:
10.4 MB (10,874,880 bytes)

The file vhui64.exe has been seen being distributed by the following URL.

https://www.virtualhere.com/sites/default/files/.../vhui64.exe

Scan vhui64.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.