SHA256: 67cc605442988a11fa9fce359a4209ffe98c0664ea2e53f826944980cb2a228a
Name: hmpalert3b769.exe
Detections: 2 / 68
Analysis date: 2018-12-02 18:33:10 UTC (4 months, 3 weeks ago)
Antivirus Result Update
eGambit PE.Heur.InvalidSig 20181202
Trapmine malicious.high.ml.score 20181128
Ad-Aware 20181202
AegisLab 20181202
AhnLab-V3 20181202
Alibaba 20180921
ALYac 20181202
Antiy-AVL 20181202
Arcabit 20181202
Avast 20181202
Avast-Mobile 20181202
AVG 20181202
Avira (no cloud) 20181202
Babable 20180918
Baidu 20181130
BitDefender 20181202
Bkav 20181129
CAT-QuickHeal 20181202
ClamAV 20181202
CMC 20181202
Comodo 20181202
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181202
Cyren 20181202
DrWeb 20181202
Emsisoft 20181202
Endgame 20181108
ESET-NOD32 20181202
F-Prot 20181202
F-Secure 20181202
Fortinet 20181202
GData 20181202
Ikarus 20181202
Sophos ML 20181128
Jiangmin 20181202
K7AntiVirus 20181202
K7GW 20181202
Kaspersky 20181202
Kingsoft 20181202
Malwarebytes 20181202
MAX 20181202
McAfee 20181202
McAfee-GW-Edition 20181202
Microsoft 20181202
eScan 20181202
NANO-Antivirus 20181202
Palo Alto Networks (Known Signatures) 20181202
Panda 20181202
Qihoo-360 20181202
Rising 20181202
SentinelOne (Static ML) 20181011
Sophos AV 20181202
SUPERAntiSpyware 20181128
Symantec 20181201
Symantec Mobile Insight 20181121
TACHYON 20181202
Tencent 20181202
TheHacker 20181202
TrendMicro 20181202
TrendMicro-HouseCall 20181202
Trustlook 20181202
VBA32 20181130
ViRobot 20181202
Webroot 20181202
Yandex 20181130
Zillya 20181130
ZoneAlarm by Check Point 20181202
Zoner 20181202
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© 2013-2018 SurfRight, A Sophos Company

Product HitmanPro.Alert
Original name hmpalert.exe
Internal name hmpalert.exe
File version 3.7.9.769
Description HitmanPro.Alert
Comments Incorporates Threatstar Exploit Mitigation Platform (EMP)
Signature verification The digital signature of the object did not verify.
Signing date 8:32 AM 3/12/2019
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-11-14 10:00:03
Entry Point 0x001D2320
Number of sections 6
PE sections
Overlays
MD5 b75a319975a3164eee0f28f4f0711681
File type data
Offset 4400640
Size 13448
Entropy 7.34
PE imports
GetStdHandle
GetDriveTypeW
FileTimeToSystemTime
CreateFileMappingA
GetOverlappedResult
WaitForSingleObject
LockResource
Thread32Next
HeapDestroy
SignalObjectAndWait
CreateTimerQueue
GetFileAttributesW
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
LocalAlloc
UnhandledExceptionFilter
ExitProcess
UnregisterWait
GetFileInformationByHandle
InitializeSListHead
InterlockedPopEntrySList
GetLocaleInfoW
SetStdHandle
GetTempPathA
WideCharToMultiByte
GetFileAttributesA
GetDiskFreeSpaceW
WriteFile
GetTimeZoneInformation
GetSystemTimeAsFileTime
SetThreadAffinityMask
GetThreadTimes
GlobalMemoryStatusEx
Thread32First
GetDiskFreeSpaceA
GetStringTypeW
GetThreadPriority
GetFullPathNameA
FreeLibrary
LocalFree
FormatMessageW
IsWow64Process
ConnectNamedPipe
GetExitCodeProcess
InterlockedPushEntrySList
InitializeCriticalSection
OutputDebugStringW
GetLogicalDriveStringsW
FindClose
InterlockedDecrement
QueryDosDeviceW
FormatMessageA
GetFullPathNameW
QueueUserWorkItem
EncodePointer
OutputDebugStringA
FreeLibraryAndExitThread
SetLastError
GetSystemTime
DeviceIoControl
TlsGetValue
CopyFileW
LoadResource
GetModuleFileNameW
TryEnterCriticalSection
RegisterWaitForSingleObject
DeleteTimerQueueEx
FlushFileBuffers
FlushViewOfFile
RaiseException
LoadLibraryExA
Process32FirstW
SetThreadPriority
Heap32First
GetUserDefaultLCID
EnumSystemLocalesW
LoadLibraryExW
MultiByteToWideChar
VerifyVersionInfoW
SetFilePointerEx
DeleteTimerQueueTimer
GetModuleHandleA
SetFileAttributesW
LockFileEx
CreateThread
InterlockedFlushSList
MoveFileExW
GetSystemDirectoryW
DisconnectNamedPipe
SetNamedPipeHandleState
SetUnhandledExceptionFilter
ConvertDefaultLocale
CreateMutexW
MulDiv
IsProcessorFeaturePresent
ExitThread
DecodePointer
SetEnvironmentVariableA
TerminateProcess
GetModuleHandleExW
GlobalAlloc
Heap32Next
ChangeTimerQueueTimer
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
GetModuleHandleExA
WriteConsoleW
CreateToolhelp32Snapshot
AreFileApisANSI
GetSystemWow64DirectoryW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
PeekNamedPipe
TerminateThread
LoadLibraryW
GetVersionExW
SetEvent
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
GetVersionExA
LoadLibraryA
RtlUnwind
UnlockFile
Heap32ListFirst
GetWindowsDirectoryW
GetFileSize
LCMapStringW
OpenProcess
DeleteFileA
GetWindowsDirectoryA
GetDateFormatW
GetStartupInfoW
ReadProcessMemory
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
CreateNamedPipeW
GetProcessHeap
CreateFileMappingW
CompareStringW
GetFileSizeEx
FreeEnvironmentStringsW
FindNextFileW
WTSGetActiveConsoleSessionId
HeapValidate
CreateHardLinkW
CreateTimerQueueTimer
GetComputerNameA
FindFirstFileW
IsValidLocale
DuplicateHandle
FindFirstFileExW
GetProcAddress
GetLogicalProcessorInformation
GetTempPathW
GetProcessAffinityMask
CreateEventW
ReadDirectoryChangesW
UnregisterWaitEx
CreateFileW
CreateEventA
IsDebuggerPresent
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetNativeSystemInfo
GetLastError
SystemTimeToFileTime
QueryDepthSList
UnmapViewOfFile
GetSystemInfo
GlobalFree
GetConsoleCP
FindResourceW
HeapReAlloc
GetEnvironmentStringsW
GlobalUnlock
WaitForSingleObjectEx
TransactNamedPipe
Process32NextW
VirtualFree
HeapCompact
LockFile
Module32FirstW
FileTimeToLocalFileTime
SizeofResource
CompareFileTime
GetCurrentProcessId
WaitNamedPipeW
CreateIoCompletionPort
ProcessIdToSessionId
GetCommandLineW
GetCPInfo
HeapSize
GetCommandLineA
VerSetConditionMask
InterlockedCompareExchange
CancelIo
GetCurrentThread
Heap32ListNext
QueryPerformanceFrequency
ReleaseSemaphore
MapViewOfFile
TlsFree
SetFilePointer
GetQueuedCompletionStatus
ReadFile
CloseHandle
OpenMutexW
UnlockFileEx
GetACP
GlobalLock
GetModuleHandleW
FreeResource
SwitchToThread
GetFileAttributesExW
GetLongPathNameW
GetNumaHighestNodeNumber
IsValidCodePage
HeapCreate
OpenEventW
VirtualQuery
CreateProcessW
Sleep
Module32NextW
VirtualAlloc
GetOEMCP
ResetEvent
MapWindowPoints
GetForegroundWindow
SetWindowRgn
RedrawWindow
GetInputState
DrawTextW
SetRectEmpty
PostQuitMessage
GetMessagePos
SetWindowPos
EndPaint
WindowFromPoint
GetMessageTime
DispatchMessageW
GetCursorPos
ChildWindowFromPointEx
SendMessageW
IsDialogMessageW
GetClassInfoW
AllowSetForegroundWindow
SetMenuDefaultItem
GetThreadDesktop
CallNextHookEx
IsClipboardFormatAvailable
LoadImageW
ClientToScreen
MapVirtualKeyExW
DestroyWindow
GetUserObjectInformationW
GetParent
UpdateWindow
GetPropW
EqualRect
EnumWindows
GetUserObjectInformationA
GetMessageW
ShowWindow
GetCaretPos
SetPropW
PeekMessageW
EnableWindow
CharUpperW
ScrollDC
TranslateMessage
IsWindowEnabled
GetWindow
SetClipboardData
SetParent
RegisterClassW
IsZoomed
EnableMenuItem
SetTimer
UnhookWinEvent
GetKeyboardLayout
FillRect
CopyRect
EnumDesktopWindows
CreateWindowExW
GetWindowLongW
PtInRect
SetFocus
RegisterWindowMessageW
GetMonitorInfoW
OpenInputDesktop
IsIconic
SwitchDesktop
BeginPaint
OffsetRect
DefWindowProcW
KillTimer
TrackMouseEvent
RegisterWindowMessageA
GetClipboardData
GetSystemMetrics
SetWindowLongW
GetWindowRect
InflateRect
SetCapture
ReleaseCapture
CharLowerW
PostMessageW
CreatePopupMenu
DrawIconEx
CharUpperBuffW
SetWindowTextW
CharLowerBuffW
BringWindowToTop
ScreenToClient
GetAsyncKeyState
TrackPopupMenu
AttachThreadInput
GetDesktopWindow
SetWindowsHookExW
LoadCursorW
FindWindowExW
GetDC
SetForegroundWindow
ExitWindowsEx
OpenClipboard
EmptyClipboard
ReleaseDC
SetLayeredWindowAttributes
CreateIconIndirect
SetWinEventHook
GetWindowThreadProcessId
MessageBoxW
RegisterClassExW
UnhookWindowsHookEx
MoveWindow
AppendMenuW
MessageBoxExW
MsgWaitForMultipleObjectsEx
IsWindowVisible
SetCursorPos
SystemParametersInfoW
MonitorFromWindow
SetRect
RealGetWindowClassA
InvalidateRect
CallWindowProcW
GetClassNameW
ModifyMenuW
CloseDesktop
IsRectEmpty
CloseClipboard
SetCursor
GetClientRect
Number of PE resources by type
RT_RCDATA 47
RT_ICON 10
RT_GROUP_ICON 3
RT_MESSAGETABLE 1
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 61
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.1

Comments
Incorporates Threatstar Exploit Mitigation Platform (EMP)

LinkerVersion
14.15

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
3.7.9.769

LanguageCode
Process default

FileFlagsMask
0x003f

FileDescription
HitmanPro.Alert

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
2179584

EntryPoint
0x1d2320

OriginalFileName
hmpalert.exe

MIMEType
application/octet-stream

LegalCopyright
2013-2018 SurfRight, A Sophos Company

FileVersion
3.7.9.769

TimeStamp
2018:11:14 11:00:03+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
hmpalert.exe

ProductVersion
3.7.9.769

UninitializedDataSize
0

OSVersion
5.1

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
SurfRight B.V.

CodeSize
2240512

ProductName
HitmanPro.Alert

ProductVersionNumber
3.7.9.769

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 88fc8c4a5bd355d0352695477c8990d9
SHA1 2d7dc4150db1674f9c35b4d34934aa8cfcba1780
SHA256 67cc605442988a11fa9fce359a4209ffe98c0664ea2e53f826944980cb2a228a
ssdeep
98304:AwCFNp69NS0kDSM6gIJrjW7zfC/LG4Ge1vZQV:i4dce1vZA

authentihash e62fef8d1883cf5aa806682e7ce5ba65d9c6fb322e53a0163a1c1b1438bf60c2
imphash 9f1097cbce0dba2817fa719e2e02f51b
File size 4.2 MB ( 4414088 bytes )
Type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Windows ActiveX control (75.3%)
Win64 Executable (generic) (17.8%)
Win32 Executable (generic) (2.9%)
OS/2 Executable (generic) (1.3%)
Generic Win/DOS Executable (1.2%)
Tags
peexe overlay

VirusTotal metadata
First submission 2018-11-15 08:51:27 UTC (5 months, 1 week ago)
Last submission 2019-03-10 09:11:15 UTC (1 month, 2 weeks ago)
Names hmpalert.exe
hmpalert3.exe
Setup.exe
hmpalert3b769.exe
hmpalert.exe
.
hmpalert3.exe
hmpalert3.exe
hmpalert.exe
hmpalert.exe
hmpalert.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Runtime DLLs