微信_bubu_v3.exe

SetupOnline Module

Product:
SetupOnline Module

Version:
1, 0, 0, 1

MD5:
0e0183b79b9e2a3f5b09c25da55da85d

SHA-1:
a1c2445ebce6b9571e78d326e0ca1374fb8b0577

SHA-256:
688f5ca04c24b50fa6765850023933cdd035c63acb34da815ef2e72f82a4d3b7

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
4/26/2024 11:47:53 AM UTC  (today)

Scan engine:
Trend Micro House Call

Detection:
TROJ_GEN.F47V1225

Engine version:
7.2.29

File size:
334.2 KB (342,234 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright 2012

Original file name:
SetupOnline.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
12/31/2012 9:57:53 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:JPJF0X/pZ9skbXmyodQS+3AeVJYSGJFIqr5uvFA2tWX3V/I:NwX/v9skb2yodQSEHVJYSM1ma2tW1/I

Entry address:
0x1515B

Entry point:
E8, 09, 84, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, 35, D8, E0, 42, 00, 57, FF, 35, CC, 92, 43, 00, FF, D6, FF, 35, C8, 92, 43, 00, 8B, D8, 89, 5D, FC, FF, D6, 8B, F0, 3B, F3, 0F, 82, 81, 00, 00, 00, 8B, FE, 2B, FB, 8D, 47, 04, 83, F8, 04, 72, 75, 53, E8, 5F, 84, 00, 00, 8B, D8, 8D, 47, 04, 59, 3B, D8, 73, 48, B8, 00, 08, 00, 00, 3B, D8, 73, 02, 8B, C3, 03, C3, 3B, C3, 72, 0F, 50, FF, 75, FC, E8, 6F, 68, 00, 00, 59, 59, 85, C0, 75, 16, 8D, 43, 10, 3B, C3, 72, 3E, 50, FF, 75, FC, E8...
 

Entropy:
7.1476

Code size:
180 KB (184,320 bytes)

The file 微信_bubu_v3.exe has been seen being distributed by the following 2 URLs.

Scan 微信_bubu_v3.exe - Powered by Reason Core Security