» 1.dll 重整.exe
Overview
Analysis
File Details
Downloads (5)

1.dll 重整.exe

Project1

mychat

File name:

1.dll 重整.exe

Publisher:

mychat

Product:

Project1

Version:

1.00

MD5:

757bc1aef7098db9ce30715fd5487d9f

SHA-1:

86a87db931b4b824c2a7005815563cdff827004e

SHA-256:

f1d7a245ef43a9717f5d9c8e8c4f686d577a7ebf9dc3b42e91fac1dda4dfdd76

Scanner detections:

4 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/25/2024 7:11:39 PM UTC (today)

Scan engine

Detection

Engine version

AVG

Generic8_c

2015.0.3504

Dr.Web

Trojan.Click2.30853

9.0.1.0104

McAfee

Artemis!757BC1AEF709

5600.7160

NANO AntiVirus

Trojan.Win32.Click2.yqfzz

0.28.0.58491

File size:

16 KB (16,384 bytes)

Product version:

1.00

Original file name:

error.ex.exe

File type:

Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp:

10/8/2007 12:08:43 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

96:/lxA8d5qeyG1RnWjCLZXQRa1G/ZXLzNcZ2:/ThAKk6GB7WZ

Entry address:

0x1160

Entry point:

68, 9C, 12, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 03, 17, 55, B0, D9, 20, 66, 42, BB, 75, CC, F6, 94, F3, E1, AB, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, D8, 81, 41, 01, 50, 72, 6F, 6A, 65, 63, 74, 31, 00, C1, 40, 00, 08, C1, 40, 00, 00, 00, 00, 00, FF, CC, 31, 00, 00, 4A, 3D, 03, 91, DB, F4, C0, 46, AE, F0, 17, 64, 42, 86, B8, E2, 74, 9B, 17, 63, CB, 98, 8A, 47, 87, 21, A9, 1A, F6, D6, 11, CE, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00... 
[+]

Entropy:

1.8153

Developed / compiled with:

Microsoft Visual Basic v5.0

Code size:

4 KB (4,096 bytes)

The file 1.dll 重整.exe has been seen being distributed by the following 5 URLs.

http://download731.mediafire.com/oo96vl7pmrpg/.../error.exe

http://sites.google.com/site/.../error.exe

http://game764202.googlepages.com/error.exe

https://3be82057-a-62cb3a1a-s-sites.googlegroups.com/site/.../error.exe

https://sites.google.com/site/.../error.exe

Scan 1.dll 重整.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.