bhgui.exe

bhws

Shanghai Bo Yi Information Technology Co. Ltd.

Publisher:
CHINA  (signed by Shanghai Bo Yi Information Technology Co. Ltd.)

Product:
bhws

Description:
Chinese Chess

Version:
2.6.0.0

MD5:
a23755bb9b31ae7bc784898a8f916a21

SHA-1:
0be8b363cd64c618eb3b724767f968316dea568e

SHA-256:
67f6d08c0ff24250bf778142bb0176e987d51c6b15f75bf6aca04195eebe59d2

Scanner detections:
5 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/16/2024 11:48:49 AM UTC

Scan engine        Detection                              Engine version
Comodo Security    TrojWare.Win32.Amtar.KNB               18129
ESET NOD32         Win32/Packed.NoobyProtect (variant)    8.9698
Norman             Bumrat.B                               11.20141229
Rising Antivirus   PE:Malware.XPACK-LNR/Heur!1.5594       23.00.65.141227
VIPRE Antivirus    Trojan.Win32.Generic                   28388

File size:
11.6 MB (12,135,272 bytes)

Product version:
2.6.0.0

Copyright:
COPYRIGHT(C) 2009~2012

Original file name:
Chess.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
3/15/2012 8:00:00 AM

Valid to:
3/20/2015 7:59:59 AM

Subject:
CN=Shanghai Bo Yi Information Technology Co. Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Shanghai Bo Yi Information Technology Co. Ltd., L=Shanghai, S=Shanghai, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3BDC743ADE918E2EC09F3A9FDD929776

File PE Metadata
Compilation timestamp:
9/1/2012 8:01:53 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
196608:mnOYlDl9njYP6ITxjn7ANtob+Ya7dAeHhg3hcUA:m1DliCIcN2Pa7ddGc5

Entry address:
0x26328D0

Entry point:
E8, 1C, 00, 00, 00, 53, 61, 66, 65, 6E, 67, 69, 6E, 65, 20, 53, 68, 69, 65, 6C, 64, 65, 6E, 20, 76, 32, 2E, 31, 2E, 34, 2E, 30, 00, 9C, FC, 54, 83, EC, 04, E9, B0, FE, FF, FF, 8D, 04, BD, 00, 00, 00, 00, EB, 5A, 9D, 19, 89, E8, 1B, F0, DE, 5F, CF, AA, 59, 87, 2D, 3C, 0F, 96, 01, 96, FE, C2, 66, 8B, DA, 66, 0F, BC, F6, 8B, 2C, 24, E8, D4, FF, FF, FF, 8B, 44, 24, 04, 86, 4C, 24, 04, C1, C9, 15, 8A, 7C, 24, 04, E9, 88, 00, 00, 00, C0, 83, 3A, 8D, 04, 33, 66, 89, 5C, 24, 04, 66, 8B, 6C, 24, 04, 8B, F5, BF, D0...
 

Entropy:
7.8520  (probably packed)
