winstarticon.exe

WinStartIcon

HYUNDAI HOME SHOPPING

The executable winstarticon.exe has been detected as malware by 10 anti-virus scanners.
Publisher:
현대홈쇼핑  (signed by HYUNDAI HOME SHOPPING)

Product:
WinStartIcon

Version:
1.00

MD5:
106673de85a962c2a7d62e91f12eb779

SHA-1:
375fa965222755b840d2c00e2be423797e0e1207

SHA-256:
1f96778f244e1293df9a1137a7741c78919c6b0bf65af4e3523f2891573da392

Scanner detections:
10 / 68

Status:
Malware

Analysis date:
4/24/2024 1:05:27 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Bkav FE | W32.Clodf0b.Trojan | 1.3.0.4923 |
| Comodo Security | UnclassifiedMalware | 17642 |
| ESET NOD32 | Win32/Msidebar (variant) | 8.9310 |
| Fortinet FortiGate | W32/Msidebar.C | 4/2/2014 |
| F-Prot | W32/VB-Backdoor-HRS-based!Maxim | v6.4.7.1.166 |
| IKARUS anti.virus | Trojan-Downloader.Win32.Beebone | t3scan.2.2.29 |
| K7 AntiVirus | Trojan | 13.175.10881 |
| McAfee | Artemis!106673DE85A9 | 5600.7172 |
| Sophos | Mal/Generic-S | 4.96 |
| Trend Micro House Call | TROJ_GEN.F47V1026 | 7.2.92 |

File size:
48.8 KB (50,016 bytes)

Product version:
1.00

Original file name:
winstarticon.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\hmallicon\winstarticon.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
12/13/2010 2:00:00 AM

Valid to:
12/13/2013 1:59:59 AM

Subject:
CN=HYUNDAI HOME SHOPPING, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=HYUNDAI HOME SHOPPING, L=Gangdong-Gu, S=Seoul, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
351CE799918FAA50D5C934370227E802

File PE Metadata
Compilation timestamp:
10/10/2013 3:23:39 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
384:2v5vBSKH5bmly6Cxzm+GHB+i3PJhtxQfB7cWvHAuZEb4Lbu87dIf6RB0ZbKqDi0T:29BSKHl6CAbBzxlB8zJAlCi07jeqJi

Entry address:
0x1714

Entry point:
68, F0, 19, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, B5, 55, C1, 17, 00, 81, C0, 42, 82, CA, 0B, 36, D3, 6D, 06, 56, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, C5, C1, 20, C8, AD, B8, 57, 69, 6E, 53, 74, 61, 72, 74, 49, 63, 6F, 6E, 00, 30, 39, 32, 00, 00, 00, 00, FF, CC, 31, 00, 01, 41, 86, 64, BB, DD, 83, 99, 40, 93, 3B, 94, AE, CF, F1, 88, 67, 00, FE, 5A, 3D, 5C, 8B, AE, 4C, B7, CD, B5, 20, AB, 5B, E9, B0, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 

Entropy:
4.9108

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
28 KB (28,672 bytes)
