銀河 中亂.exe

QMacro

Fuzhou TianxiaChuangshi Digital Co.,Ltd.

Publisher:
vrBrothers Corporation.   (signed by Fuzhou TianxiaChuangshi Digital Co.,Ltd.)

Product:
QMacro

Description:
QMacro's macro runner.

Version:
8, 0, 0, 6786

MD5:
8cb2d2dc8ef544fed7169e12483f89f7

SHA-1:
c9a27500ea993396e335611567269dca48834b13

SHA-256:
998c287e8239cae63ff19790cb29e662cd33da40f830d9ba5c0dbc09edbce44a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/12/2017 7:20:53 PM UTC  (today)

File size:
2.4 MB (2,510,370 bytes)

Product version:
8, 0, 0, 6786

Copyright:
(C) vrBrothers Corporation. All rights reserved.

Original file name:
mymacro.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\銀河 中亂.exe

Digital Signature
Authority:
WoSign, Inc.

Valid from:
1/13/2010 8:00:00 AM

Valid to:
1/14/2011 7:59:59 AM

Subject:
CN="Fuzhou TianxiaChuangshi Digital Co.,Ltd.", OU=Class 3 - for Microsoft Authenticode Signing, O="Fuzhou TianxiaChuangshi Digital Co.,Ltd.", L=Fuzhou, S=Fujian, C=CN

Issuer:
CN=WoSign Code Signing Authority, O="WoSign, Inc.", C=US

Serial number:
03B3E80789FEE6ABE93DD972817E53F8

File PE Metadata
Compilation timestamp:
5/22/2010 7:59:47 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:zMEOgMBs/vkJGf0ZeTQzJ21toGBzAMzBjBTDZnZasnb0pU:zcgMBxMf0Zrc1toGBzAMzBjBTDZfx

Entry address:
0x23D8C

Entry point:
55, 8B, EC, 6A, FF, 68, 68, CD, 4B, 00, 68, 74, 3D, 42, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, D0, 9D, 4B, 00, 59, 83, 0D, 64, 24, 57, 00, FF, 83, 0D, 68, 24, 57, 00, FF, FF, 15, D4, 9D, 4B, 00, 8B, 0D, C4, 05, 55, 00, 89, 08, FF, 15, D8, 9D, 4B, 00, 8B, 0D, C0, 05, 55, 00, 89, 08, A1, DC, 9D, 4B, 00, 8B, 00, A3, 60, 24, 57, 00, E8, 22, 01, 00, 00, 39, 1D, 38, E5, 52, 00, 75, 0C, 68, 1A, 3F, 42, 00, FF, 15, E0, 9D...
 
[+]

Entropy:
5.5850

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
736 KB (753,664 bytes)

Scan 銀河 中亂.exe - Powered by Reason Core Security