home

bombbuddies.exe

Balanced Worlds (Beijing) Software Co., Ltd.

Publisher:
Balanced Worlds (Beijing) Software Co., Ltd.  (signed and verified)

MD5:
cf55ab2b15db997de6296617c2be6dc2

SHA-1:
df8e29895d5236a8e0b482e1b428af9b26a4b7b2

SHA-256:
0352a4dad914143be37e7e4c09192598747ab895b597f436ec6d5f27fe325bae

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/25/2024 8:06:35 AM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V0808
7.2.181

File size:
3.1 MB (3,202,664 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\bombbuddies.exe

Digital Signature
Signed by:
Balanced Worlds (Beijing) Software Co., Ltd.

Authority:
DigiCert Inc

Valid from:
4/4/2012 9:00:00 PM

Valid to:
4/10/2013 9:00:00 AM

Subject:
CN="Balanced Worlds (Beijing) Software Co., Ltd.", O="Balanced Worlds (Beijing) Software Co., Ltd.", L=Beijing, S=Beijing, C=CN

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
07A581482809A37EBF5DBB652DF621E4

File PE Metadata
Compilation timestamp:
6/20/2012 5:15:23 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:wCnZ+4hTslxQQEH2oKv6hxYDWPlya+SY7B4XeGovdAUsbqu:wCnEMbHIyIglya+ngeGovWd5

Entry address:
0x60EC3

Entry point:
E9, 88, C6, 04, 00, E9, 73, 02, 03, 00, E9, 3E, 1F, 01, 00, E9, 59, DD, 02, 00, E9, E4, D0, 05, 00, E9, FF, 54, 02, 00, E9, 6A, 59, 01, 00, E9, 45, 90, 06, 00, E9, D0, 4F, 06, 00, E9, AB, B8, 04, 00, E9, 26, F9, 00, 00, E9, 61, 83, 0B, 00, E9, CC, F2, 08, 00, E9, 57, 85, 08, 00, E9, 42, 00, 08, 00, E9, 1D, 39, 06, 00, E9, 18, 67, 04, 00, E9, 53, 58, 05, 00, E9, 2E, 50, 03, 00, E9, 79, 83, 08, 00, E9, 9C, 32, 04, 00, E9, BF, CE, 03, 00, E9, 14, 32, 04, 00, E9, 35, 0F, 04, 00, E9, E0, 95, 04, 00, E9, 7B, 8E...
 
[+]

Developed / compiled with:
Microsoft Visual C++ 8.0 (Debug)

Code size:
782.5 KB (801,280 bytes)

Scan bombbuddies.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.