SHA256: dc70a1ddf0e26dc8ca4935a87c90bc27f2312b9e8036089cb8522a25897a0de8
File name: hmpalert
Detection ratio: 0 / 55
Analysis date: 2014-09-15 18:15:43 UTC ( 4 years, 4 months ago )
Antivirus Result Update
Ad-Aware 20140915
AegisLab 20140915
Yandex 20140915
AhnLab-V3 20140915
Antiy-AVL 20140915
Avast 20140915
AVG 20140915
Avira (no cloud) 20140915
AVware 20140915
Baidu-International 20140915
BitDefender 20140915
Bkav 20140915
ByteHero 20140915
CAT-QuickHeal 20140915
ClamAV 20140915
CMC 20140915
Comodo 20140915
Cyren 20140915
DrWeb 20140915
Emsisoft 20140915
ESET-NOD32 20140915
F-Prot 20140915
F-Secure 20140915
Fortinet 20140915
GData 20140915
Ikarus 20140915
Jiangmin 20140914
K7AntiVirus 20140915
K7GW 20140915
Kaspersky 20140915
Kingsoft 20140915
Malwarebytes 20140915
McAfee 20140915
McAfee-GW-Edition 20140915
Microsoft 20140915
eScan 20140915
NANO-Antivirus 20140915
Norman 20140915
nProtect 20140915
Panda 20140915
Qihoo-360 20140915
Rising 20140915
Sophos AV 20140915
SUPERAntiSpyware 20140915
Symantec 20140915
Tencent 20140915
TheHacker 20140915
TotalDefense 20140915
TrendMicro 20140915
TrendMicro-HouseCall 20140915
VBA32 20140915
VIPRE 20140915
ViRobot 20140915
Zillya 20140915
Zoner 20140915
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
Authenticode signature block and FileVersionInfo properties
Copyright © 2012 SurfRight B.V.
Publisher SurfRight B.V.
Product HitmanPro.Alert
Original name hmpalert.exe
Internal name hmpalert
File version 1, 0, 3, 0
Description HitmanPro.Alert (Beta 3)
Signature verification Signed file, verified signature
Signing date 9:20 PM 6/18/2012
Signers
[+] SurfRight B.V.
Status Certificate out of its validity period
Issuer None
Valid from 1:00 AM 11/24/2011
Valid to 12:59 AM 11/25/2012
Valid usage Code Signing
Algorithm SHA1
Thumbprint F293ADC3EBDBC017C40C9E15DE708D1FAF3114C6
Serial number 08 CD 82 7D 6B B3 3B D5 78 BC B6 5A 72 9A B5 97
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer None
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm SHA1
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer None
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm SHA1
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G3
Status Certificate out of its validity period
Issuer None
Valid from 1:00 AM 5/1/2012
Valid to 12:59 AM 1/1/2013
Valid usage Timestamp Signing
Algorithm SHA1
Thumbprint 8FD99D63FB3AFBD534A4F6E31DACD27F59504021
Serial number 79 A2 A5 85 F9 D1 15 42 13 D9 B8 3E F6 B6 8D ED
[+] VeriSign Time Stamping Services CA
Status Certificate out of its validity period
Issuer None
Valid from 1:00 AM 12/4/2003
Valid to 12:59 AM 12/4/2013
Valid usage Timestamp Signing
Algorithm SHA1
Thumbprint F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
Serial number 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
[+] Thawte Timestamping CA
Status Valid
Issuer None
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm MD5
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-06-18 20:20:45
Entry Point 0x00032182
Number of sections 5
PE sections
PE imports
RegCreateKeyExW
RegCloseKey
OpenServiceW
AdjustTokenPrivileges
ControlService
LookupPrivilegeValueW
RegDeleteKeyW
DeleteService
CheckTokenMembership
RegQueryValueExW
SetSecurityDescriptorDacl
CloseServiceHandle
ChangeServiceConfig2W
QueryServiceStatus
RegOpenKeyExW
RegisterServiceCtrlHandlerExW
RegQueryInfoKeyW
CreateServiceW
GetTokenInformation
SetServiceStatus
ImpersonateSelf
RegEnumKeyExW
OpenThreadToken
CreateProcessAsUserW
SetEntriesInAclW
StartServiceW
RegSetValueExW
FreeSid
OpenSCManagerW
AllocateAndInitializeSid
InitializeSecurityDescriptor
QueryServiceStatusEx
StartServiceCtrlDispatcherW
InitCommonControlsEx
GetDeviceCaps
OffsetWindowOrgEx
DeleteDC
CreateFontIndirectW
SetBkMode
SetWindowOrgEx
CreatePen
GetStockObject
GetTextColor
SelectObject
Rectangle
BitBlt
CreateDIBSection
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
SetTextColor
CreateSolidBrush
GetStdHandle
GetConsoleOutputCP
FileTimeToSystemTime
SetEvent
SignalObjectAndWait
GetFileAttributesW
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
SetStdHandle
GetCPInfo
GetStringTypeA
WriteFile
WaitForSingleObject
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetOEMCP
LocalFree
FormatMessageW
SetWaitableTimer
InitializeCriticalSection
LoadResource
FindClose
InterlockedDecrement
QueryDosDeviceW
FormatMessageA
SetFileAttributesW
SetLastError
CopyFileW
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
GetModuleFileNameA
GetCalendarInfoW
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
SetFilePointerEx
GetModuleHandleA
CreateThread
GetSystemDirectoryW
SetUnhandledExceptionFilter
ConvertDefaultLocale
TerminateProcess
WriteConsoleA
GlobalAlloc
LocalFileTimeToFileTime
VirtualQueryEx
SetEndOfFile
GetVersion
InterlockedIncrement
WriteConsoleW
GetSystemWow64DirectoryW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetVersionExW
GetExitCodeProcess
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetWindowsDirectoryW
GetFileSize
OpenProcess
GetStartupInfoW
ReadProcessMemory
DeleteFileW
WaitForMultipleObjects
GetProcessHeap
CreateWaitableTimerW
GetFileSizeEx
RemoveDirectoryW
FindNextFileW
GetCurrentThreadId
WTSGetActiveConsoleSessionId
ResetEvent
FindFirstFileW
DuplicateHandle
GetProcAddress
GetTempPathW
CreateEventW
CreateFileW
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
LCMapStringW
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
GetProcessTimes
GetEnvironmentStringsW
WaitForSingleObjectEx
CreateProcessW
SizeofResource
GetCurrentProcessId
LockResource
ProcessIdToSessionId
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCurrentThread
RaiseException
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
FreeResource
IsValidCodePage
HeapCreate
FindResourceW
VirtualFree
Sleep
VirtualAlloc
AlphaBlend
EnumProcesses
GetModuleFileNameExW
SHGetFolderPathW
ShellExecuteW
SHCreateDirectoryExW
CommandLineToArgvW
ShellExecuteExW
SetFocus
RedrawWindow
GetMonitorInfoW
GetForegroundWindow
EndPaint
ReleaseDC
SetLayeredWindowAttributes
GetPropW
DrawTextW
EnumWindows
DefWindowProcW
KillTimer
TrackMouseEvent
GetMessageW
PostQuitMessage
ShowWindow
SetPropW
GetParent
GetWindowThreadProcessId
GetSysColorBrush
SetCursor
MonitorFromWindow
MessageBoxW
LoadCursorW
GetWindowRect
ScreenToClient
GetDC
SetRectEmpty
MapWindowPoints
WindowFromPoint
SetWindowPos
AdjustWindowRectEx
TranslateMessage
IsWindowEnabled
GetWindowTextLengthW
GetSysColor
DispatchMessageW
ChildWindowFromPointEx
BeginPaint
SendMessageW
RegisterClassW
GetWindowLongW
IsWindowVisible
GetClassInfoW
SetWindowTextW
CloseWindow
GetDlgItem
SystemParametersInfoW
CallWindowProcW
GetNextDlgTabItem
ClientToScreen
SetRect
SetWindowLongW
InvalidateRect
DrawFocusRect
SetTimer
GetClientRect
PostThreadMessageW
FillRect
AttachThreadInput
CopyRect
GetWindowTextW
GetDesktopWindow
IsDialogMessageW
IsRectEmpty
GetFocus
CreateWindowExW
EnableWindow
SetForegroundWindow
PtInRect
GetAncestor
DestroyWindow
CreateEnvironmentBlock
DestroyEnvironmentBlock
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
WinHttpSetOption
WinHttpConnect
WinHttpQueryHeaders
WinHttpSendRequest
WinHttpCloseHandle
WinHttpCreateUrl
WinHttpWriteData
WinHttpCrackUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpSetStatusCallback
WinHttpReceiveResponse
WinHttpOpen
WinHttpOpenRequest
WinHttpReadData
WTSQueryUserToken
Number of PE resources by type
RT_ICON 6
RT_RCDATA 6
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
DUTCH 14
ENGLISH US 1
PE resources
File identification
MD5 a155dcd4ae09ed64f4208d57c231dd93
SHA1 1d49a4c69f33dd3e5d56b10d2dea0099c21116ce
SHA256 dc70a1ddf0e26dc8ca4935a87c90bc27f2312b9e8036089cb8522a25897a0de8
ssdeep
12288:XWNFHIpjnwSF9VxiYpDVimMFrmaRBcu3+6FD5iKOejMATawWcfTswxwzas0gJknw:i690u62K1jbTYcfTvxs0gJGn1H2

authentihash 44ddd3897dac46f1643d25587c6ae633b589967cd37ac935e0269f3259d62340
imphash 5f43d0584cc82b805b3621434b34c377
File size 518.9 KB ( 531304 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe signed mz
VirusTotal metadata
First submission 2012-06-23 03:16:13 UTC ( 6 years, 7 months ago )
Last submission 2013-05-22 10:08:11 UTC ( 5 years, 8 months ago )
File names DEF71051680A3C331BE608921FC43800E837E2D9.exe
file-4260974_exe
hmpalert.exe
hmpalert
hmpalert.exe
hmpalert.exe
hmpalert(b3).exe