home

cgbusbkeytools.exe

CGBUsbKeyTools

Shenzhen Mingwah Aohan Digital Security Technology Co.,Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘CGBUsbKeyTools.exe’.
Publisher:
CGB  (signed by Shenzhen Mingwah Aohan Digital Security Technology Co.,Ltd.)

Product:
CGBUsbKeyTools

Description:
CGBUsbKeyTool

Version:
5, 4, 0, 4

MD5:
08b06507e15d720d41d0cfc91f32de16

SHA-1:
12c4fed5ad3290fb3878abd78876a0dfe58f9f65

SHA-256:
acd161dfe6243db416e8dfd0871382cbb9b9644bddbeed106a87be755c91c763

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/7/2024 2:09:24 PM UTC  (today)

File size:
198 KB (202,752 bytes)

Product version:
5, 4, 0, 4

Copyright:
Copyright (C) 2011-2016

Original file name:
CGBUsbKeyTool.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\cgbebank\cgbusbkeytools.exe

Digital Signature
Signed by:
Shenzhen Mingwah Aohan Digital Security Technology Co.,Ltd.

Authority:
Symantec Corporation

Valid from:
4/25/2016 8:00:00 AM

Valid to:
6/25/2017 7:59:59 AM

Subject:
CN="Shenzhen Mingwah Aohan Digital Security Technology Co.,Ltd.", OU=Technical Support, O="Shenzhen Mingwah Aohan Digital Security Technology Co.,Ltd.", L=Shenzhen, S=Guangdong, C=CN

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
2AD3FEBBC8A05BD3815E36DD9F77BC52

File PE Metadata
Compilation timestamp:
7/19/2016 4:38:34 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:0Tcd5+D50Oo935dRivvdql72rfAJ/NJONuLjoQSjI:p2Lo7dYvdqB2DAJ/Pt

Entry address:
0x132FC

Entry point:
55, 8B, EC, 6A, FF, 68, 00, 63, 41, 00, 68, F0, 32, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 24, 54, 41, 00, 59, 83, 0D, 60, C4, 41, 00, FF, 83, 0D, 64, C4, 41, 00, FF, FF, 15, 28, 54, 41, 00, 8B, 0D, F8, C2, 41, 00, 89, 08, FF, 15, 2C, 54, 41, 00, 8B, 0D, F4, C2, 41, 00, 89, 08, A1, 30, 54, 41, 00, 8B, 00, A3, 5C, C4, 41, 00, E8, 1C, 01, 00, 00, 39, 1D, 80, A4, 41, 00, 75, 0C, 68, 84, 34, 41, 00, FF, 15, 34, 54...
 
[+]

Entropy:
5.7076

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
80 KB (81,920 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
CGBUsbKeyTools.exe

Command:
C:\Program Files\cgbebank\cgbusbkeytools.exe


Scan cgbusbkeytools.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.