home

cpip.bin

TODO: <产品名>

Beijing AmazGame Age Internet Technology Co., Ltd.

The file cpip.bin by Beijing AmazGame Age Internet Technology Co. has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
TODO: <公司名>  (signed by Beijing AmazGame Age Internet Technology Co., Ltd.)

Product:
TODO: <产品名>

Description:
CPIP

Version:
1.0.0.1

MD5:
bd73ce4f74c343f3b1625f6ce60d8b91

SHA-1:
47c6a642fdd637d9c3b51b57c0488f3969197606

SHA-256:
1cf121c7806dfb1ec7e255cb7743982f960b8b223233e7eec698cbbee5e262c5

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
5/1/2024 10:54:13 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Optional.BeijingA
16.7.27.21

File size:
1.9 MB (2,041,728 bytes)

Product version:
1.0.0.1

Copyright:
TODO: (C) <公司名>。保留所有权利。

Original file name:
CPIP.exe

Digital Signature
Signed by:
Beijing AmazGame Age Internet Technology Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
3/3/2014 8:00:00 AM

Valid to:
3/3/2017 7:59:59 AM

Subject:
CN="Beijing AmazGame Age Internet Technology Co., Ltd.", OU=Tech Dept., OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Beijing AmazGame Age Internet Technology Co., Ltd.", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
71C0B8F7F8E7AE5DD00BF1016794A6EF

File PE Metadata
Compilation timestamp:
1/29/2015 2:47:06 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:dCateqpvKWm84Sh52hEKeR/QnhCHN38Q0HXh06qRxDlsvze0rMtzN23:gatZvKPxSShEKeenhCHN38Q0HXUDivzv

Entry address:
0x1386A9

Entry point:
E8, FE, C8, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, F8, 83, 5B, 00, FF, 15, 44, 14, 56, 00, 85, C0, 75, 18, 56, E8, 1D, 16, 00, 00, 8B, F0, FF, 15, 34, 14, 56, 00, 50, E8, CD, 15, 00, 00, 59, 89, 06, 5E, 5D, C3, 8B, FF, 55, 8B, EC, 51, 83, 65, FC, 00, 56, 8D, 45, FC, 50, FF, 75, 0C, FF, 75, 08, E8, 40, C9, 00, 00, 8B, F0, 83, C4, 0C, 85, F6, 75, 18, 39, 45, FC, 74, 13, E8, DC, 15, 00, 00, 85, C0, 74, 0A, E8, D3, 15, 00, 00, 8B, 4D, FC, 89, 08, 8B...
 
[+]

Entropy:
6.5410

Code size:
1.4 MB (1,439,232 bytes)

Remove cpip.bin - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.