home

cloudhelper.exe

Hangzhou Chuangju Technology Co.,LTD

It runs as a windows Service named “SafeDogCloudHelper”.
Publisher:
Hangzhou Chuangju Technology Co.,LTD  (signed and verified)

MD5:
64ccc5e7c2613326647f76d59aab32bb

SHA-1:
931d57725c22970e9252d6c6c13e007bc77c6557

SHA-256:
ee71c039f9caca20ad5abcb35bb56d7de643d8a8547c7eaec1e16b7eb4a64385

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/26/2024 4:04:57 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.Packed
1.3.0.6267

Comodo Security
Virus.Win32.Virut.CE
20372

File size:
1 MB (1,062,024 bytes)

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
Hangzhou Chuangju Technology Co.,LTD

Authority:
WoSign eCommerce Services Limited

Valid from:
7/18/2011 4:27:34 AM

Valid to:
7/19/2014 9:43:00 AM

Subject:
E=web@safedog.cn, CN="Hangzhou Chuangju Technology Co.,LTD", O="Hangzhou Chuangju Technology Co.,LTD", L=Hangzhou, S=Zhejiang, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
7D81565064D7

File PE Metadata
Compilation timestamp:
10/14/2014 6:00:56 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
24576:Mrit39OGQXaUYOE8s/5WOBeoPFB78uhCl9MGb03qmx7zlCG:Mrit3UGW48s/IOsoPZGo3vx5

Entry address:
0x17FB91

Entry point:
60, C7, 44, 24, 1C, 66, 46, 87, FE, E9, 0F, 47, FF, FF, 72, 80, 26, 0A, DD, 18, 89, CA, E5, DA, C5, BA, 35, 5A, 95, 6A, 35, AA, 75, AA, 01, 78, FD, 40, 6A, 55, 4D, 0E, A1, 0C, 73, FB, 3A, 02, 01, 4E, E5, 25, 8F, 42, B5, 01, D3, 0C, 28, 8F, DD, 42, 1D, D5, E5, 8C, 88, 02, A9, EB, 29, 27, 28, 48, 79, 4E, 7B, F5, E5, D0, 95, 2F, 9A, D9, C4, 5D, 09, 24, E0, 9B, 7B, 54, 17, 49, 76, 50, 0C, FC, E7, 11, 38, A4, 9C, 59, D9, 53, A1, 92, 14, 30, 19, 5E, 6B, 0E, 6D, 4C, 7D, 68, 21, 5E, 18, 5E, 5D, 6E, 01, 08, 41, CB...
 
[+]

Entropy:
7.9549  (probably packed)

Code size:
454.5 KB (465,408 bytes)

Service
Display name:
SafeDogCloudHelper

Type:
Win32OwnProcess, InteractiveProcess


Scan cloudhelper.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.