home

beikearpmain.exe

金山贝壳Arp防火墙

Beike Internet Security Technology Co.,Ltd

Publisher:
贝壳网际(北京)安全技术有限公司  (signed by Beike Internet Security Technology Co.,Ltd)

Product:
金山贝壳Arp防火墙

Description:
金山贝壳用户交互程序

Version:
2009.12.17.61

MD5:
c9085906a7a7d9574ab597c7e8b6d8e9

SHA-1:
b1cdc4b4da69d50daa90515312aa24a6d58270c8

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
5/8/2024 5:21:14 PM UTC  (today)

Scan engine
Detection
Engine version

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.26.3

File size:
397.3 KB (406,856 bytes)

Product version:
2.0.4104.61

Copyright:
Beike Internet Security Technology Co.,Ltd

Original file name:
beikearpmain.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\beike\antiarp\beikearpmain.exe

Digital Signature
Signed by:
Beike Internet Security Technology Co.,Ltd

Authority:
VeriSign, Inc.

Valid from:
5/15/2009 8:00:00 AM

Valid to:
5/16/2010 7:59:59 AM

Subject:
CN="Beike Internet Security Technology Co.,Ltd", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Beike Internet Security Technology Co.,Ltd", L=BEIJING, S=BEIJING, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1327C649F41D2E2D8D892F1EB1DF4A32

File PE Metadata
Compilation timestamp:
12/17/2009 2:36:18 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:5XQymO3b1R2B73LqvR4jv3oB1rcEZFdgHN/AWk3Jsn+kyrFBIKwl6s60hhZWLi3K:1d1WpqvvdgH1ADe+kyoKwligSE/Ow0h

Entry address:
0x32FB2

Entry point:
55, 8B, EC, E8, 7E, 3C, 00, 00, E8, 46, FF, FF, FF, 5D, C3, CC, FF, 25, 14, 83, 43, 00, FF, 25, 28, 83, 43, 00, FF, 25, 2C, 83, 43, 00, FF, 25, 18, 83, 43, 00, FF, 25, 1C, 83, 43, 00, FF, 25, 20, 83, 43, 00, FF, 25, 24, 83, 43, 00, FF, 25, 30, 83, 43, 00, FF, 25, 7C, 80, 43, 00, FF, 25, 78, 80, 43, 00, FF, 25, 70, 80, 43, 00, FF, 25, 74, 80, 43, 00, FF, 25, B0, 82, 43, 00, FF, 25, AC, 82, 43, 00, FF, 25, 1C, 85, 43, 00, FF, 25, 18, 85, 43, 00, FF, 25, 14, 85, 43, 00, FF, 25, 10, 85, 43, 00, FF, 25, 0C, 85...
 
[+]

Entropy:
6.6768

Developed / compiled with:
Microsoft Visual C++

Code size:
220 KB (225,280 bytes)

Scan beikearpmain.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.