home

comyinstall2g.exe

Beijing WATERTEK Information Technology Co.,Ltd.

Publisher:
Beijing WATERTEK Information Technology Co.,Ltd.  (signed and verified)

MD5:
58d9583f90a3925f653ab5c0ecd7d4b2

SHA-1:
684778ee5efd574e87313b8c3574440fdcc59b41

SHA-256:
a239077741b19718126ad74cfed862384cae780de35c8c3f5ff810e73ba93374

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/29/2024 5:55:40 AM UTC  (today)

File size:
238.6 KB (244,360 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\comyinstall2g.exe

Digital Signature
Signed by:
Beijing WATERTEK Information Technology Co.,Ltd.

Authority:
VeriSign, Inc.

Valid from:
10/28/2013 8:00:00 AM

Valid to:
1/18/2015 7:59:59 AM

Subject:
CN="Beijing WATERTEK Information Technology Co.,Ltd.", OU=R&D Center, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Beijing WATERTEK Information Technology Co.,Ltd.", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
72AEC6B9BB18867AF8266C3EE50A22C0

File PE Metadata
Compilation timestamp:
10/20/2014 1:53:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
1536:I4NuvuErsl4C5bH0MNHsxnWwh8MgoMRvRpEX2DlxCMilY139/MNa:7NuvuRlxH0W4nFK5pEX2DlxrEYJ9/MA

Entry address:
0x70B3

Entry point:
6A, 60, 68, 08, 18, 41, 00, E8, DD, 08, 00, 00, BF, 94, 00, 00, 00, 8B, C7, E8, 55, FB, FF, FF, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, F8, 00, 41, 00, 8B, 4E, 10, 89, 0D, 50, A5, 41, 00, 8B, 46, 04, A3, 5C, A5, 41, 00, 8B, 56, 08, 89, 15, 60, A5, 41, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, 54, A5, 41, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, 54, A5, 41, 00, C1, E0, 08, 03, C2, A3, 58, A5, 41, 00, 33, F6, 56, 8B, 3D, 38, 00, 41, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03...
 
[+]

Entropy:
4.3820

Developed / compiled with:
Microsoft Visual C++ v7.0

Code size:
60 KB (61,440 bytes)

Scan comyinstall2g.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.