home

77069eae5996b1916e74567e5ad9000d8abdc1da

VirusChaser

SGA Co.,LTD

Publisher:
Security Global Alliance  (signed by SGA Co.,LTD)

Product:
VirusChaser

Description:
VirusChaser Global Security Services

Version:
8, 0, 12265, 1012

MD5:
65fdf7042bfcc07bb80f4d500618b8bd

SHA-1:
77069eae5996b1916e74567e5ad9000d8abdc1da

SHA-256:
f3e27b156f69bdc38f0ab93f8386485b666258561e174714e92ef3a320140f5d

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/19/2024 7:48:48 AM UTC  (today)

Scan engine
Detection
Engine version

F-Prot
W32/Downloader.J.gen
4.6.5.141

File size:
142.6 KB (146,016 bytes)

Product version:
8, 0, 12265, 1012

Copyright:
Security Global Alliance. All rights reserved.

Original file name:
vcsvc.exe

Common path:
C:\Documents and Settings\{user}\Application data\sga\vc\77069eae5996b1916e74567e5ad9000d8abdc1da

Digital Signature
Signed by:
SGA Co.,LTD

Authority:
VeriSign, Inc.

Valid from:
9/27/2010 9:00:00 AM

Valid to:
9/27/2012 8:59:59 AM

Subject:
CN="SGA Co.,LTD", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="SGA Co.,LTD", L=Seocho, S=Seoul, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1E4FB996047E57B3665BA7A991A6EF55

File PE Metadata
Compilation timestamp:
9/21/2012 5:55:24 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:FZ2vchLiCJSjkowgxAkYcJawmaLF/JrAmKTQKq4XKyJQ9Wew/dlmO+QYm0lIZr+s:GvQLij+CAkVawZL/KEoc9caFDFKx3pn

Entry address:
0x44001

Entry point:
60, E8, 03, 00, 00, 00, E9, EB, 04, 5D, 45, 55, C3, E8, 01, 00, 00, 00, EB, 5D, BB, ED, FF, FF, FF, 03, DD, 81, EB, 00, 40, 04, 00, 83, BD, 22, 04, 00, 00, 00, 89, 9D, 22, 04, 00, 00, 0F, 85, 65, 03, 00, 00, 8D, 85, 2E, 04, 00, 00, 50, FF, 95, 4D, 0F, 00, 00, 89, 85, 26, 04, 00, 00, 8B, F8, 8D, 5D, 5E, 53, 50, FF, 95, 49, 0F, 00, 00, 89, 85, 4D, 05, 00, 00, 8D, 5D, 6B, 53, 57, FF, 95, 49, 0F, 00, 00, 89, 85, 51, 05, 00, 00, 8D, 45, 77, FF, E0, 56, 69, 72, 74, 75, 61, 6C, 41, 6C, 6C, 6F, 63, 00, 56, 69, 72...
 
[+]

Entropy:
7.6007

Packer / compiler:
ASPack v2.12

Code size:
168 KB (172,032 bytes)

Scan 77069eae5996b1916e74567e5ad9000d8abdc1da - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.