89f45050-sample

疯狂升级 (Crazy Upgrade)

Beijing Globallink Computer Technology Co.,Ltd

The file 89f45050-sample has been detected as malware by 38 anti-virus scanners.
Publisher:

Product:
疯狂升级 (Crazy Upgrade)

Description:
联众游戏:疯狂升级 (Lianzhong Games: Crazy Upgrade)

Version:
2, 0, 0, 3

MD5:
2844fa2789fcdcb2a075314e6b09ae48

SHA-1:
aefb7a1966456fad64a80dcacb4bbe0a0889f13a

SHA-256:
67168b1357423cb8cd2570dbc8f34743a4dd727473ed1604e93e611b674a561d

Scanner detections:
38 / 68

Status:
Malware

Analysis date:
4/26/2024 12:34:17 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Win32.SlugIn.A
766

Agnitum Outpost
Win32.Slugin.A
7.1.1

AhnLab V3 Security
Win32/Slugin.C
2014.12.05

Avira AntiVirus
W32/Slugin.A
7.11.192.172

avast!
Win32:Patched-HO [Trj]
2014.9-141231

AVG
Win32/Slugin.A
2015.0.3244

Baidu Antivirus
Virus.Win32.Patched.$dj
4.0.3.141231

Bitdefender
Win32.SlugIn.A
1.0.20.1825

Bkav FE
W32.OlayFara.PE
1.3.0.6267

Clam AntiVirus
Trojan.Spy-59563
0.98/21511

Comodo Security
TrojWare.Win32.Patched.Q
20283

Dr.Web
Win32.Wplugin.2
9.0.1.0365

ESET NOD32
Win32/Slugin
8.10830

Fortinet FortiGate
W32/Wplug.A
12/31/2014

F-Prot
W32/Slugin.B
v6.4.7.1.166

F-Secure
Win32.SlugIn.A
11.2014-31-12_4

G Data
Win32.SlugIn
14.12.24

IKARUS anti.virus
Virus.Win32.Slugin
t3scan.1.8.5.0

K7 AntiVirus
Trojan
13.186.14245

Kaspersky
Virus.Win32.Slugin
14.0.0.2713

McAfee
W32/Wplugin
5600.6900

Microsoft Security Essentials
Virus:Win32/Slugin.A
1.11202

MicroWorld eScan
Win32.SlugIn.A
15.0.0.1095

NANO AntiVirus
Virus.Win32.Slugin.ddowbn
0.28.6.63850

Norman
Agent.VDAZ
11.20141231

nProtect
Win32.SlugIn.A
14.12.03.01

Panda Antivirus
Generic Malware
14.12.31.09

Qihoo 360 Security
Virus.Win32.Slugin.A
1.0.0.1015

Quick Heal
W32.Slugin.A
12.14.14.00

Rising Antivirus
PE:Win32.Agent.ey!1474842
23.00.65.141229

Sophos
W32/Slugin-A
4.98

Total Defense
Win32/Slugin.A
37.0.11315

Trend Micro House Call
PE_WPLUG.A
7.2.365

Trend Micro
PE_WPLUG.A
10.465.31

Vba32 AntiVirus
Trojan.Patched.dj
3.12.26.3

VIPRE Antivirus
Virus.Win32.Slugin.a
35436

ViRobot
Win32.Patched.N
2011.4.7.4223

Zillya! Antivirus
Virus.Slugin.Win32.1
2.0.0.1999

File size:
758.5 KB (776,667 bytes)

Product version:
2, 0, 0, 3

Copyright:
版权所有 (C) 2006 (All rights reserved (C) 2006)

Original file name:
upgrade2.EXE

Language:
Chinese (Simplified, PRC)

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
8/23/2011 4:30:00 AM

Valid to:
9/22/2014 3:29:59 AM

Subject:
CN="Beijing Globallink Computer Technology Co.,Ltd", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Beijing Globallink Computer Technology Co.,Ltd", L=BeiJing, S=BeiJing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
280D89782D5170CC6867178F0FFDFC9D

File PE Metadata
Compilation timestamp:
11/28/2012 1:53:30 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:85+TtYs+xdvmzqon3YofiD54yiKagIonHU9Wij9dCk4zkM:8osEf3YofiDTiKagvn0Aij9CkM

Entry address:
0x4BC1A

Entry point:
60, E8, 00, 00, 00, 00, 5B, 81, EB, D0, 48, 14, 02, 83, EC, 74, 8B, EC, 8B, 83, AB, 4B, 14, 02, 89, 45, 00, 8B, 83, B3, 4B, 14, 02, 03, 45, 00, 89, 45, 2C, 8B, 83, B7, 4B, 14, 02, 03, 45, 00, 89, 45, 30, C7, 45, 14, 00, 00, 00, 00, C7, 45, 18, 00, 00, 00, 00, C7, 45, 1C, 00, 00, 00, 00, 8B, 45, 14, FF, 45, 14, 66, 33, C9, 8A, 8C, 03, FF, 4B, 14, 02, 84, C9, 74, 7A, 8B, 45, 1C, 66, 01, 4D, 1C, 03, C3, 05, 13, 4C, 14, 02, 50, 8B, 45, 2C, FF, 10, 85, C0, 0F, 84, 5E, 02, 00, 00, 89, 45, 10, 8B, 45, 1C, 03, C3...
 
Entropy:
6.3729

Packer / compiler:
ASPack v1.08.04

Code size:
552 KB (565,248 bytes)
