home

activityplush_es_spa_setup.exe

ActivityPlush Web Program ES Plugin Setup

Vtech Electronics Industrial (Shenzhen) Co., Ltd.

This is a setup and installation application. The file has been seen being downloaded from contentcdn.vtechda.com.
Publisher:
VTech  (signed by Vtech Electronics Industrial (Shenzhen) Co., Ltd.)

Product:
ActivityPlush Web Program ES Plugin Setup

Version:
3.0.0.6

MD5:
5faa3b6038b3c6cd85a9aafc7adfd9cd

SHA-1:
8aaccd465a5e505c23ab40853f58652ad789c7d1

SHA-256:
d056ba9059fa1f3b30b968e9b63aeb0cc3460e21a2828e64b6016678e3648b81

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/12/2024 6:06:52 PM UTC  (today)

File size:
14.9 MB (15,586,488 bytes)

Product version:
3.0.0.6

Copyright:
Copyright (C) 2010

Original file name:
ActivityPlush_ES_spa Setup Ver3.006.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\activityplush_es_spa_setup.exe

Digital Signature
Signed by:
Vtech Electronics Industrial (Shenzhen) Co., Ltd.

Authority:
WoSign CA Limited

Valid from:
1/27/2016 7:34:29 AM

Valid to:
11/27/2016 7:34:29 AM

Subject:
CN="Vtech Electronics Industrial (Shenzhen) Co., Ltd.", O="Vtech Electronics Industrial (Shenzhen) Co., Ltd.", L=Shenzhen, S=Guangdong, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA G2, O=WoSign CA Limited, C=CN

Serial number:
1F052BC3BE6BC1C8A27AB2DC0163CD2F

File PE Metadata
Compilation timestamp:
8/25/2011 3:48:27 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
393216:L/qEZKFdu9bvaAasIppJ0Lw0MN3pKXnniuwH:DqErvqsUJawfN3pKXnpi

Entry address:
0x3393F5

Entry point:
E8, A0, AB, 00, 00, E9, 78, FE, FF, FF, CC, 51, 8D, 4C, 24, 04, 2B, C8, 1B, C0, F7, D0, 23, C8, 8B, C4, 25, 00, F0, FF, FF, 3B, C8, 72, 0A, 8B, C1, 59, 94, 8B, 00, 89, 04, 24, C3, 2D, 00, 10, 00, 00, 85, 00, EB, E9, 8B, FF, 55, 8B, EC, 51, 51, 8D, 45, F8, 50, FF, 15, 08, D2, 78, 00, 8B, 45, F8, 8B, 4D, FC, 6A, 00, 05, 00, 80, C1, 2A, 68, 80, 96, 98, 00, 81, D1, 21, 4E, 62, FE, 51, 50, E8, 95, 4A, 00, 00, 83, FA, 07, 7C, 0E, 7F, 07, 3D, FF, 6F, 40, 93, 76, 05, 83, C8, FF, 8B, D0, 8B, 4D, 08, 85, C9, 74, 05...
 
[+]

Code size:
3.5 MB (3,718,144 bytes)

The file activityplush_es_spa_setup.exe has been seen being distributed by the following URL.

http://contentcdn.vtechda.com/vtechkidsDownload/ES-spa/1472/Setup/.../ActivityPlush_ES_spa_Setup.exe

Scan activityplush_es_spa_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.