» AutoClick.exe
Overview
Analysis
File Details

AutoClick.exe

鼠标连点器

Shangrao Yuwang Technology Co., Ltd.

File name:

AutoClick.exe

Publisher:

天心工作室 (signed by Shangrao Yuwang Technology Co., Ltd.)

Product:

鼠标连点器

Description:

鼠标连点辅助工具

Version:

2.1.0.0

MD5:

e7709a6af729297e8d64de0003ab23e3

SHA-1:

e8c270589bc5df9824fdb57a04c6638db878e316

SHA-256:

8a37139860c9f2f8ef275326548517c242085863abc38db3e6be0bb7d75b4e19

Scanner detections:

1 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/23/2024 8:53:59 AM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/Rootkit.Agent.OAS trojan

8.0.319.0

File size:

635.8 KB (651,064 bytes)

Product version:

2.1.0.0

Original file name:

AutoClick.exe

File type:

Executable application (Win32 EXE)

Digital Signature

Signed by:

Shangrao Yuwang Technology Co., Ltd.

Authority:

WoSign eCommerce Services Limited

Valid from:

3/20/2013 12:27:07 PM

Valid to:

3/22/2014 7:31:32 PM

Subject:

E=cq198@sina.com, CN="Shangrao Yuwang Technology Co., Ltd.", O="Shangrao Yuwang Technology Co., Ltd.", L=Shangrao, S=Jiangxi, C=CN

Issuer:

CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:

22F387FECA36D7

File PE Metadata

Compilation timestamp:

1/28/2014 12:30:21 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:oCW6ldHoa7V6Waa+SSAIXuCB/wyDVuk+K80CN8WoSyiWhvOr:oCVHoa7CSBIXuCtJr8048vieY

Entry address:

0x2C44B

Entry point:

E8, B3, 89, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 53, 8B, 5D, 08, 83, FB, E0, 77, 6F, 56, 57, 83, 3D, D8, BE, 46, 00, 00, 75, 18, E8, 37, 81, 00, 00, 6A, 1E, E8, 81, 7F, 00, 00, 68, FF, 00, 00, 00, E8, C3, 24, 00, 00, 59, 59, 85, DB, 74, 04, 8B, C3, EB, 03, 33, C0, 40, 50, 6A, 00, FF, 35, D8, BE, 46, 00, FF, 15, FC, 00, 44, 00, 8B, F8, 85, FF, 75, 26, 6A, 0C, 5E, 39, 05, E0, BE, 46, 00, 74, 0D, 53, E8, F6, 89, 00, 00, 59, 85, C0, 75, A9, EB, 07, E8, 0B, 0A, 00, 00, 89, 30, E8, 04, 0A, 00, 00, 89... 
[+]

Entropy:

6.3921

Code size:

252 KB (258,048 bytes)

Scan AutoClick.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.