× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 0e679e0c521ececd7445780b3bf59d0b7475f69fc4c74ff9e512043a64396cdc
File name: 1706172335 (4).exe
Detection ratio: 17 / 61
Analysis date: 2017-07-01 13:53:52 UTC ( 2 weeks, 5 days ago )
Antivirus Result Update
AegisLab Heur.Advml.Gen!c 20170701
Avast Win32:Malware-gen 20170701
AVG Win32:Malware-gen 20170701
AVware Trojan.Win32.Generic!BT 20170701
Cyren W32/GenPua.79F47FC4!Olympus 20170701
Emsisoft Application.AdSpot (A) 20170701
ESET-NOD32 a variant of Win32/EasyHotspot.A potentially unwanted 20170701
Malwarebytes Adware.Hostify 20170701
McAfee Artemis!79F47FC4218D 20170701
McAfee-GW-Edition BehavesLike.Win32.Generic.hh 20170701
Rising PUA.EasyHotspot!8.E3BD (cloud:nMZuv4uBsPN) 20170701
Sophos AV Generic PUA OP (PUA) 20170701
Symantec Trojan.Gen.2 20170630
TrendMicro-HouseCall TROJ_GEN.R002H05FJ17 20170701
VIPRE Trojan.Win32.Generic!BT 20170701
ViRobot Trojan.Win32.Z.Hostify.535040 20170701
Webroot W32.Malware.Gen 20170701
Ad-Aware 20170701
AhnLab-V3 20170701
Alibaba 20170701
ALYac 20170701
Antiy-AVL 20170630
Arcabit 20170701
Avira (no cloud) 20170701
Baidu 20170630
BitDefender 20170701
Bkav 20170701
CAT-QuickHeal 20170701
ClamAV 20170701
CMC 20170701
Comodo 20170701
CrowdStrike Falcon (ML) 20170420
DrWeb 20170701
Endgame 20170629
F-Prot 20170701
F-Secure 20170701
Fortinet 20170629
GData 20170701
Ikarus 20170701
Sophos ML 20170607
Jiangmin 20170701
K7AntiVirus 20170701
K7GW 20170701
Kaspersky 20170701
Kingsoft 20170701
Microsoft 20170701
eScan 20170701
NANO-Antivirus 20170701
nProtect 20170701
Palo Alto Networks (Known Signatures) 20170701
Panda 20170701
Qihoo-360 20170701
SentinelOne (Static ML) 20170516
SUPERAntiSpyware 20170701
Symantec Mobile Insight 20170630
Tencent 20170701
TheHacker 20170628
TrendMicro 20170701
Trustlook 20170701
VBA32 20170630
WhiteArmor 20170627
Yandex 20170630
Zillya 20170701
ZoneAlarm by Check Point 20170701
Zoner 20170701
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2016

Product Hostify
Original name PublicHotspot.exe
Internal name PublicHotspot.exe
File version 1.0.0.0
Description Hostify
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-11-08 13:34:53
Entry Point 0x00054EC2
Number of sections 3
.NET details
Module Version ID 4a90f9ee-efd9-4044-bbf9-a963b6f17b21
TypeLib ID 76dcd147-e89e-4acb-b0a9-f54a61f17e5d
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 9
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 12
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
194560

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
48.0

EntryPoint
0x54ec2

OriginalFileName
PublicHotspot.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2016

FileVersion
1.0.0.0

TimeStamp
2016:11:08 14:34:53+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
PublicHotspot.exe

ProductVersion
1.0.0.0

FileDescription
Hostify

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Wizzlabs

CodeSize
339968

ProductName
Hostify

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

Compressed bundles
File identification
MD5 79f47fc4218db4121a6ce3a34a719b0e
SHA1 ef7dcb897deaec0467f622ddf8730955efe7b354
SHA256 0e679e0c521ececd7445780b3bf59d0b7475f69fc4c74ff9e512043a64396cdc
ssdeep
6144:rRMaddTbGUHSHT4D7SlIgQinayywnyZncb7Jifa1hI8ZOGxsbGtSPZX:hdVcQin1FoncwWhI8ZOAgcSR

authentihash 91fad0886d06b3bab8521ba8106634ee0fd36d26e4c1faac422141ac7aa5460e
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 522.5 KB ( 535040 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (63.1%)
Win64 Executable (generic) (23.8%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Generic Win/DOS Executable (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2016-11-25 13:10:50 UTC ( 7 months, 3 weeks ago )
Last submission 2017-07-01 13:53:52 UTC ( 2 weeks, 5 days ago )
File names adware EasyHotspot
publichotspot.exe
PUBLICHOTSPOT.EXE
1706172335 (4).exe
PublicHotspot.exe
PublicHotspot.exe
79f47fc4218db4121a6ce3a34a719b0e.exe
PublicHotspot.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!