AddrUpdate.exe

搜搜E点通

Tencent Technology(Shenzhen) Company Limited

Scan AddrUpdate.exe - Powered by Reason Core Security
Publisher:
Tencent  (signed by Tencent Technology(Shenzhen) Company Limited)

Product:
搜搜E点通

Version:
6.1.3.0

MD5:
19c8a2f8c89b1825acc8f184794f3b85

SHA-1:
576fb1aa94198e0d1da609f885cf7868995c96fa

SHA-256:
01a16d4fca679e97b72f46e8f26e55d2106e966429354cc94530a7dd1865001a

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/4/2016 9:25:06 AM UTC

Scan engine | Detection | Engine version
ByteHero BDV | Virus.Win32.Part.h | 6.10.2014.10
Commtouch SDK | W32/NewMalware-Rootkit-I-based!Maximus | 5.4.1.7
F-Prot | W32/NewMalware-Rootkit-I-based | v6.4.7.1.166
SUPERAntiSpyware | Adware.Tencent | 10552

File size:
118 KB (120,856 bytes)

Product version:
6.1.3.0

Copyright:
Copyright ©2012 Tencent All Rights Reserved

Original file name:
AddrUpdate.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\tencent\addrupdate.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
1/17/2013 8:00:00 AM

Valid to:
2/17/2016 7:59:59 AM

Subject:
CN=Tencent Technology(Shenzhen) Company Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Tencent Technology(Shenzhen) Company Limited, L=shenzhen, S=guangdong, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7170BD93CF3F189AE6452B514C49340E

File PE Metadata
Compilation timestamp:
10/15/2012 4:05:53 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:IHWcPmtvaVHGulZpNXnty7S0vVxvqUDJqbVR+17eAF:IH1utvaVHlZpNXw7xNxvqUDJqbQ7eO

Entry address:
0xEBB2

Entry point:
55, 8B, EC, 6A, FF, 68, 88, 3C, 41, 00, 68, D6, EE, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 98, 21, 41, 00, 59, 83, 0D, AC, F0, 41, 00, FF, 83, 0D, B0, F0, 41, 00, FF, FF, 15, 68, 21, 41, 00, 8B, 0D, 78, E3, 41, 00, 89, 08, FF, 15, 40, 21, 41, 00, 8B, 0D, 74, E3, 41, 00, 89, 08, A1, 44, 21, 41, 00, 8B, 00, A3, A8, F0, 41, 00, E8, B4, 02, 00, 00, 39, 1D, E8, A1, 41, 00, 75, 0C, 68, D2, EE, 40, 00, FF, 15, 48, 21...
 

Entropy:
6.1938

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
68 KB (69,632 bytes)
