home

vhui64.exe

VirtualHere Client For Windows

VirtualHere Pty. Ltd.

This is a setup program which is used to install the application. The file has been seen being downloaded from www.virtualhere.com.
Publisher:
VirtualHere Pty. Ltd.  (signed and verified)

Product:
VirtualHere Client For Windows

Description:
VirtualHere USB Sharing

Version:
2.9.1

MD5:
c16d954f3992a7167d28be41b93f23be

SHA-1:
66904c354ab8ffa813195e160799efbf213dd410

SHA-256:
a086fab367cacf8a939c0d87f2106d11928a72b7231c42bb0252832a187821d1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/9/2024 7:37:09 PM UTC  (today)

File size:
7.2 MB (7,586,264 bytes)

Product version:
2.9.1

Copyright:
VirtualHere Pty. Ltd.

Original file name:
vhui64.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\vhui64.exe

Digital Signature
Signed by:
VirtualHere Pty. Ltd.

Authority:
DigiCert Inc

Valid from:
11/10/2014 6:00:00 PM

Valid to:
1/17/2018 6:00:00 AM

Subject:
CN=VirtualHere Pty. Ltd., O=VirtualHere Pty. Ltd., L=Manly, S=New South Wales, C=AU

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0C5F956BCE16D66A70F60E2819AF50CE

File PE Metadata
Compilation timestamp:
4/23/2015 10:53:08 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
2.23

CTPH (ssdeep):
196608:xx+IeSoOphBN1lmNMAGHBGUKqaaTvS6wnb7xnQqQxwb60aRUFKjb:fLeSpmZGhMfarSpbcxA654u

Entry address:
0xF80A80

Entry point:
53, 56, 57, 55, 48, 8D, 35, 9A, F5, 8D, FF, 48, 8D, BE, DB, 0F, 7A, FF, 48, 8D, 87, 2C, 60, F5, 00, FF, 30, C7, 00, AE, 28, 88, 27, 50, 57, 31, DB, 31, C9, 48, 83, CD, FF, E8, 50, 00, 00, 00, 01, DB, 74, 02, F3, C3, 8B, 1E, 48, 83, EE, FC, 11, DB, 8A, 16, F3, C3, 48, 8D, 04, 2F, 83, F9, 05, 8A, 10, 76, 21, 48, 83, FD, FC, 77, 1B, 83, E9, 04, 8B, 10, 48, 83, C0, 04, 83, E9, 04, 89, 17, 48, 8D, 7F, 04, 73, EF, 83, C1, 04, 8A, 10, 74, 10, 48, FF, C0, 88, 17, 83, E9, 01, 8A, 10, 48, 8D, 7F, 01, 75, F0, F3, C3...
 
[+]

Entropy:
7.8801  (probably packed)

Code size:
7.1 MB (7,475,200 bytes)

The file vhui64.exe has been seen being distributed by the following URL.

https://www.virtualhere.com/sites/default/files/.../vhui64.exe

Scan vhui64.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.