home

CCBCertificate.exe

CCBCertificate

Beijing Daming Wuzhou Science & Technology Co.,Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘CCBCertificate’.
Publisher:
Beijing Daming Wuzhou Science & Technology Co.,Ltd.  (signed and verified)

Product:
CCBCertificate

Version:
2, 1, 4, 6

MD5:
7257fb2c57f808b1f0140f7f31b6fc23

SHA-1:
88c5f7f5d3f952db65b79e021a3be44c6a85b0ab

SHA-256:
8be06f3af4c4d6dfa7d8ad35d2b1a27108e5b4feeddc81e56adcf0a1dc10d696

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 9:20:48 AM UTC  (today)

File size:
469.4 KB (480,632 bytes)

Product version:
2, 1, 4, 6

Copyright:
版权所有 (C) 2012

Original file name:
CCBCertificate.exe

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\ccbcomponents\dmwz\ccbcertificate.exe

Digital Signature
Signed by:
Beijing Daming Wuzhou Science & Technology Co.,Ltd.

Authority:
VeriSign, Inc.

Valid from:
8/1/2012 8:00:00 AM

Valid to:
10/1/2015 7:59:59 AM

Subject:
CN="Beijing Daming Wuzhou Science & Technology Co.,Ltd.", OU=Research and Development Department, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Beijing Daming Wuzhou Science & Technology Co.,Ltd.", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6B08794760412D6BA5F2AC3172A3D9EA

File PE Metadata
Compilation timestamp:
5/4/2014 11:10:56 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:kdUaI+uXaTynrR3XI4KwkW4OGDf1Zj7PpxCBxzA0Wz7cezpXi/DWx:kOaIP5PIjdZj7PpxYxG7cysG

Entry address:
0x103EB1

Entry point:
E9, 88, 56, FC, FF, 80, FE, 71, 2C, 30, F8, 66, 81, FB, 78, E4, 3C, 09, E9, 88, A3, FC, FF, 00, 00, 47, 65, 74, 43, 75, 72, 72, 65, 6E, 74, 54, 68, 72, 65, 61, 64, 00, 0F, BA, E3, 1D, D0, C8, 0F, BA, E6, 11, F5, F8, 3A, 07, 0F, 9F, C0, B0, B1, 48, 8D, 7F, 01, E9, 17, 97, FC, FF, E9, 90, 81, FC, FF, E9, 54, 40, FE, FF, 0F, 87, 57, 9E, FC, FF, E9, BB, 6B, FC, FF, 10, D2, E9, 35, 21, FC, FF, 0F, 82, DF, 8D, FC, FF, 66, 85, E2, E9, 35, C7, 02, 00, 0F, 85, E0, 6B, FC, FF, D3, C8, 0F, BC, C7, 29, D2, D2, F0, F5...
 
[+]

Entropy:
7.8818

Packer / compiler:
Xtreme-Protector v1.05

Code size:
434.5 KB (444,928 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
CCBCertificate

Command:
C:\Program Files\ccbcomponents\dmwz\ccbcertificate.exe


Scan CCBCertificate.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.