SHA256: d6aecd6828007903c9504ba429eebed3c0dd990415ea91d0226c8dc77b291486
File name: output.113140094.txt
Detection ratio: 53 / 68
Analysis date: 2018-05-01 12:45:52 UTC ( 11 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.30633420 20180501
AegisLab Troj.W32.Generic!c 20180501
AhnLab-V3 Trojan/Win32.Agent.R226442 20180501
ALYac Trojan.GenericKD.30633420 20180501
Antiy-AVL Trojan/Win32.AGeneric 20180501
Arcabit Trojan.Generic.D1D36DCC 20180501
Avast MSIL:GenMalicious-FJ [Trj] 20180430
AVG MSIL:GenMalicious-FJ [Trj] 20180501
Avira (no cloud) TR/Dropper.MSIL.lnvuf 20180501
AVware Trojan.Win32.Generic!BT 20180428
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9997 20180428
BitDefender Trojan.GenericKD.30633420 20180501
CAT-QuickHeal Trojan.IGENERIC 20180430
Comodo UnclassifiedMalware 20180501
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20180418
Cylance Unsafe 20180501
Cyren W32/Trojan.HGDG-2974 20180501
DrWeb BackDoor.Bladabindi.13678 20180501
Emsisoft Trojan.GenericKD.30633420 (B) 20180501
Endgame malicious (high confidence) 20180402
ESET-NOD32 a variant of MSIL/Injector.CMQ 20180501
F-Secure Trojan.GenericKD.30633420 20180501
Fortinet W32/Generic.CMQ!tr 20180501
GData Trojan.GenericKD.30633420 20180501
Ikarus Trojan.MSIL.Injector 20180430
Sophos ML heuristic 20180120
K7AntiVirus Trojan ( 004b954f1 ) 20180501
K7GW Trojan ( 004b954f1 ) 20180501
Kaspersky HEUR:Trojan.Win32.Generic 20180501
Malwarebytes Spyware.AzorUlt 20180501
MAX malware (ai score=98) 20180501
McAfee GenericRXEZ-IE!F2C2559D7140 20180501
McAfee-GW-Edition BehavesLike.Win32.Generic.th 20180425
Microsoft Trojan:Win32/Dynamer!rfn 20180501
eScan Trojan.GenericKD.30633420 20180501
NANO-Antivirus Trojan.Win32.Bladabindi.falhqe 20180501
Palo Alto Networks (Known Signatures) generic.ml 20180501
Panda Trj/CI.A 20180430
Qihoo-360 Win32/Trojan.069 20180501
Rising Trojan.Generic!8.C3 (TFE:C:wpjdHAvDdFP) 20180501
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/Generic-S 20180501
Symantec Trojan.Gen.2 20180501
Tencent Win32.Trojan.Generic.Edne 20180501
TrendMicro TROJ_GEN.R057C0ODK18 20180501
TrendMicro-HouseCall TROJ_GEN.R057C0ODK18 20180501
VBA32 TScope.Trojan.MSIL 20180428
VIPRE Trojan.Win32.Generic!BT 20180501
ViRobot Trojan.Win32.Z.Injector.1849335 20180501
Webroot W32.Trojan.Gen 20180501
Yandex Trojan.Agent!eaii17FHGRI 20180428
Zillya Trojan.Injector.Win32.599358 20180430
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20180501
Alibaba 20180428
Avast-Mobile 20180501
Babable 20180406
Bkav 20180426
ClamAV 20180501
CMC 20180501
Cybereason None
eGambit 20180501
F-Prot 20180501
Jiangmin 20180501
Kingsoft 20180501
nProtect 20180501
SUPERAntiSpyware 20180501
Symantec Mobile Insight 20180501
TheHacker 20180430
TotalDefense 20180501
Trustlook 20180501
Zoner 20180430
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2018

Product HD Helper
Original name HDHelper.exe
Internal name HDHelper.exe
File version 4.3.0.256
Description HDHelper
Comments HD Helper
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-04-14 23:16:48
Entry Point 0x0009048E
Number of sections 4
.NET details
Module Version ID 3fb47783-edad-43c7-b843-805e1b6d6d21
TypeLib ID 006f8b62-b50a-45c2-96aa-e67885c0146b
PE sections
Overlays
MD5 db139834170fea2a40a5975bc14e29f1
File type data
Offset 770048
Size 1079287
Entropy 6.01
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 9
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 12
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
4.0

Comments
HD Helper

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
4.3.0.256

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
HDHelper

ImageFileCharacteristics
Executable, No line numbers, No symbols, 32-bit

CharacterSet
Unicode

InitializedDataSize
185856

EntryPoint
0x9048e

OriginalFileName
HDHelper.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2018

FileVersion
4.3.0.256

TimeStamp
2018:04:15 01:16:48+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
HDHelper.exe

ProductVersion
4.3.0.256

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
2016-2017 Adobe. All rights reserved.

CodeSize
583168

ProductName
HD Helper

ProductVersionNumber
4.3.0.256

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
4.3.0.256

Execution parents
File identification
MD5 f2c2559d714056adcdc939ddf0577341
SHA1 3f72ce370cd427196fe66839b6277601b76c554c
SHA256 d6aecd6828007903c9504ba429eebed3c0dd990415ea91d0226c8dc77b291486
ssdeep
24576:cl2c/kGPzyO5aAVQeO9sYX1T7+SgQ4lhjR2A6Gr35dFlES8kCcEHEShm3Htf24hO:clzGA615163EDxk59htvCqbgff

authentihash 72124fd7b8fa7ba18adae8d7f4eeb4864ca4417c2fc7f9608fc6c070fef79bc3
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 1.8 MB ( 1849335 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (69.4%)
Windows screen saver (12.4%)
Win32 Dynamic Link Library (generic) (6.2%)
Win32 Executable (generic) (4.2%)
Win16/32 Executable Delphi generic (1.9%)
Tags
peexe assembly overlay

VirusTotal metadata
First submission 2018-04-19 14:40:20 UTC ( 1 year ago )
Last submission 2018-05-27 11:38:18 UTC ( 10 months, 4 weeks ago )
File names output.113140094.txt
HDHelper.exe
ApntEx.exe
a33ad4ea6d044d210632bb3bd1a3c67f3766c2e9