home

vhui64.exe

VirtualHere Client For Windows

VirtualHere Pty. Ltd.

This is a setup program which is used to install the application. The file has been seen being downloaded from www.virtualhere.com.
Publisher:
VirtualHere Pty. Ltd.  (signed and verified)

Product:
VirtualHere Client For Windows

Description:
VirtualHere USB Sharing

Version:
3.3.8

MD5:
c5bc7979e985c7d2dcee97e5762a0f81

SHA-1:
63bd68fe1f830a8b60e8eaef90fd284f726a17ca

SHA-256:
2eac1dde869a0b84dea84a744ec0ae41c7c25f29710d7eb1bcf86caa1e0e1794

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/9/2024 11:44:37 PM UTC  (a few moments ago)

File size:
8.4 MB (8,843,224 bytes)

Product version:
3.3.8

Copyright:
VirtualHere Pty. Ltd.

Original file name:
vhui64.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Digital Signature
Signed by:
VirtualHere Pty. Ltd.

Authority:
DigiCert Inc

Valid from:
11/11/2014 1:00:00 AM

Valid to:
1/17/2018 1:00:00 PM

Subject:
CN=VirtualHere Pty. Ltd., O=VirtualHere Pty. Ltd., L=Manly, S=New South Wales, C=AU

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0C5F956BCE16D66A70F60E2819AF50CE

File PE Metadata
Compilation timestamp:
1/29/2016 8:39:37 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:BK2Kvh749ywW38vNoxAjxBPOvz+V4g7R5nraH9jH/DQvmyhc/gWC/4FRZFfK:fKh4wwWU1B8z+4gPnQsvtFWj5pK

Entry address:
0x1324500

Entry point:
53, 56, 57, 55, 48, 8D, 35, 1A, CB, 7A, FF, 48, 8D, BE, DB, FF, 52, FF, 48, 8D, 87, DC, A0, 2F, 01, FF, 30, C7, 00, 61, 44, 94, A8, 50, 57, 31, DB, 31, C9, 48, 83, CD, FF, E8, 50, 00, 00, 00, 01, DB, 74, 02, F3, C3, 8B, 1E, 48, 83, EE, FC, 11, DB, 8A, 16, F3, C3, 48, 8D, 04, 2F, 83, F9, 05, 8A, 10, 76, 21, 48, 83, FD, FC, 77, 1B, 83, E9, 04, 8B, 10, 48, 83, C0, 04, 83, E9, 04, 89, 17, 48, 8D, 7F, 04, 73, EF, 83, C1, 04, 8A, 10, 74, 10, 48, FF, C0, 88, 17, 83, E9, 01, 8A, 10, 48, 8D, 7F, 01, 75, F0, F3, C3...
 
[+]

Code size:
8.3 MB (8,732,672 bytes)

The file vhui64.exe has been seen being distributed by the following URL.

https://www.virtualhere.com/sites/default/files/.../vhui64.exe

Scan vhui64.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.