chc-s2145_113_build201.exe

TAB Software Corp.

The executable chc-s2145_113_build201.exe has been detected as malware by 12 anti-virus scanners.
Publisher:
TAB Software Corp.  (signed and verified)

MD5:
92c7abad792de7b5d5be0ac2eba0c64d

SHA-1:
3310af427800d745e000099fdd340e5118fd73cc

SHA-256:
a13c67c8bcea8ff9c3a2e566b0ed86c1c70d7bda5d322ab8a0b3d265607f4d8d

Scanner detections:
12 / 68

Status:
Malware

Analysis date:
4/26/2024 3:50:37 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Avira AntiVirus | TR/Rogue.9014757 | 8.3.2.4 |
| avast! | Win32:Malware-gen | 2014.9-160102 |
| AVG | Dropper.Generic8 | 2017.0.2876 |
| Baidu Antivirus | Trojan.Win32.Dropper | 4.0.3.1612 |
| Fortinet FortiGate | W32/Daws.BGQV!tr | 1/2/2016 |
| Kaspersky | Trojan-Dropper.Win32.Daws | 14.0.0.877 |
| McAfee | Artemis!92C7ABAD792D | 5600.6532 |
| Qihoo 360 Security | Win32/Trojan.576 | 1.0.0.1077 |
| Quick Heal | TrojanDropper.Daws.g4 | 1.16.14.00 |
| VIPRE Antivirus | Trojan.Win32.Generic | 45352 |
| ViRobot | Dropper.A.Daws.3051816[h] | 2014.3.20.0 |
| Zillya! Antivirus | Dropper.Daws.Win32.11489 | 2.0.0.2524 |

File size:
2.9 MB (3,051,816 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\chc-s2145_113_build201.exe

Digital Signature
Authority:
The Code Project

Valid from:
3/14/2010 5:00:00 PM

Valid to:
3/15/2011 4:59:59 PM

Subject:
CN=TAB Software Corp., O=TAB Software Corp., STREET=8118 Victoria Woods Pl, L=Fort Wayne, S=IN, PostalCode=46825, C=US

Issuer:
CN=The Code Project Code Signing CA, O=The Code Project, C=CA

Serial number:
2D1BA639200257F67D3BF35D52C53381

File PE Metadata
Compilation timestamp:
6/18/2010 11:27:46 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:yZ2cD3c4qzCrrmqJPp2IvCOHpQJxbyLmuFFnIj8jxbcy0iC:g4zwFJPpxC0qJxbomgCAjxbcy0iC

Entry address:
0x4E21F

Entry point:
E8, 37, 7F, 00, 00, E9, 17, FE, FF, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B, 5D, 0C, 8B, 6D, FC, 8B, 63, FC, FF, E0, 5B, C9, C2, 08, 00, 58, 59, 87, 04, 24, FF, E0, 55, 8B, EC, 51, 51, 53, 56, 57, 64, 8B, 35, 00, 00, 00, 00, 89, 75, FC, C7, 45, F8, 89, E2, 44, 00, 6A, 00, FF, 75, 0C, FF, 75, F8, FF, 75, 08, E8, AD, 70, 01, 00, 8B, 45, 0C, 8B, 40, 04, 83, E0, FD, 8B, 4D, 0C, 89, 41, 04, 64, 8B, 3D, 00, 00, 00, 00...
 

Entropy:
7.8368  (probably packed)

Code size:
420 KB (430,080 bytes)
