home

avjiqing_68_1617_.tmp

Chongqing Bannisha Network Information Technology Co., Ltd

Publisher:
Chongqing Bannisha Network Information Technology Co., Ltd  (signed and verified)

Description:
Setup/Uninstall

Version:
51.52.0.0

MD5:
e19e97e52ca89436cac6fd4c0c527859

SHA-1:
4ce0ed1e11c29ed8ea83235b1a16dbe5a84b7f6a

SHA-256:
914f14628a47f992b431a8dbdf86432222f4e0f1ff1b7e5d27d1fc0ed089fbbe

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/25/2024 10:35:35 PM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
HV_ZYX_BK084A61.TOMC
7.2.239

File size:
917.8 KB (939,872 bytes)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\avjiqing_68_1617_.tmp

Digital Signature
Signed by:
Chongqing Bannisha Network Information Technology Co., Ltd

Authority:
WoSign eCommerce Services Limited

Valid from:
11/29/2012 12:13:06 PM

Valid to:
11/30/2013 10:21:18 PM

Subject:
E=cq198@sina.com, CN="Chongqing Bannisha Network Information Technology Co., Ltd", O="Chongqing Bannisha Network Information Technology Co., Ltd", L=Chongqing, S=Chongqing, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
229317ED9488F8

File PE Metadata
Compilation timestamp:
6/20/1992 6:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:Q03JC7/PNrPA37hzHIA6s1FjeL8ERJf2CGlDExlDk:QlRrPA37hzHIA6s+TJOChO

Entry address:
0xCBD3C

Entry point:
55, 8B, EC, 83, C4, F4, 53, 56, 57, E8, C2, 76, F3, FF, E8, 19, 9A, F3, FF, E8, 74, A7, F3, FF, E8, 6F, E4, F3, FF, E8, 56, EC, F3, FF, E8, 09, 69, F4, FF, E8, 1C, 76, F4, FF, E8, D3, 21, F5, FF, E8, 8A, 22, F5, FF, E8, 55, 5F, F5, FF, E8, CC, 0A, F8, FF, E8, 63, 73, F8, FF, E8, B6, E4, F8, FF, E8, 59, E9, F8, FF, E8, 8C, F2, F8, FF, E8, 03, 1F, F9, FF, E8, A2, 3F, F9, FF, E8, 7D, 53, F9, FF, E8, 64, 55, F9, FF, E8, 2B, 6F, F9, FF, E8, 36, AC, F9, FF, E8, 35, BB, F9, FF, E8, 70, D3, F9, FF, E8, 3B, 16, FB...
 
[+]

Entropy:
6.5190

Developed / compiled with:
Microsoft Visual C++

Code size:
812 KB (831,488 bytes)

Scan avjiqing_68_1617_.tmp - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.