home

changebin.exe

jcentertainment corporation

Publisher:
jcentertainment corporation  (signed and verified)

MD5:
542fe58097a37321fb0c5c148df27ab5

SHA-1:
5b494179754a025924ee9d9e200acb3141b951a2

SHA-256:
d7aa8baaf12708819a90927ea7687e06f41fe2ce9d0e7b1aabb8d3e8e955417b

Scanner detections:
4 / 68

Status:
Clean  (4 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/19/2024 8:24:50 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/MPress
7.1.1

Bkav FE
W32.OnGamesLTMYAMIAU.Trojan
1.3.0.4562

Trend Micro House Call
TROJ_GEN.F47V0809
7.2.30

Trend Micro
PAK_Generic.001
10.465.30

File size:
29.4 KB (30,152 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\freestyle2\changebin.exe

Digital Signature
Signed by:
jcentertainment corporation

Authority:
VeriSign, Inc.

Valid from:
12/24/2012 8:00:00 AM

Valid to:
1/24/2014 7:59:59 AM

Subject:
CN=jcentertainment corporation, OU=Security Tech Team, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=jcentertainment corporation, L=Seongnam, S=Gyeonggi, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
186E59C52F0186768F03E6D28BF9E45D

File PE Metadata
Compilation timestamp:
3/25/2011 9:17:42 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.50

CTPH (ssdeep):
384:/oNL5jcNeDoqECWR7DW1X0fGXL7tZFPwlJVfBx2KtBwWF9c8YCYs4DxrNq7MKJX9:/YL5jeeDoqEZ74Xug7UnZxfHrQQ77DBH

Entry address:
0xE21D

Entry point:
60, E8, 00, 00, 00, 00, 58, 05, 5A, 0B, 00, 00, 8B, 30, 03, F0, 2B, C0, 8B, FE, 66, AD, C1, E0, 0C, 8B, C8, 50, AD, 2B, C8, 03, F1, 8B, C8, 57, 51, 49, 8A, 44, 39, 06, 88, 04, 31, 75, F6, 2B, C0, AC, 8B, C8, 80, E1, F0, 24, 0F, C1, E1, 0C, 8A, E8, AC, 0B, C8, 51, 02, CD, BD, 00, FD, FF, FF, D3, E5, 59, 58, 8B, DC, 8D, A4, 6C, 90, F1, FF, FF, 51, 2B, C9, 51, 51, 8B, CC, 51, 66, 8B, 17, C1, E2, 0C, 52, 57, 83, C1, 04, 51, 50, 83, C1, 04, 56, 51, E8, 5E, 00, 00, 00, 8B, E3, 5E, 5A, 2B, C0, 89, 04, 32, B4, 10...
 
[+]

Entropy:
7.7964

Packer / compiler:
ASPack v1.08.04

Code size:
32.5 KB (33,280 bytes)

The file changebin.exe has been discovered within the following programs.

FreeStyle2  by Joycity
www.Joycity.com
About 2% of users remove it
FreestyleFootball  by GameKiss
www.GameKiss.com
About 8% of users remove it
 
Powered by Should I Remove It?

Scan changebin.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.