home

CrashRpt.dll

TODO:

Beijing AmazGame Age Internet Technology Co., Ltd.

The module CrashRpt.dll by Beijing AmazGame Age Internet Technology Co. has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. Additionally, the file is typically installed by a number of programs including Mobogenie by Beijing Yang Fan Jing He Information Consulting Co. Ltd. and Genie Cleaner by Mobogenie.com.
Publisher:
changyou  (signed by Beijing AmazGame Age Internet Technology Co., Ltd.)

Product:
TODO: <Product name>

Description:
CrashReport动态版本

Version:
0.0.1.8

MD5:
e286fd4bfcabfb63f3595028654a46cf

SHA-1:
85cc7149ae9f5b9c345c6e4291159edb1e6d4aa2

SHA-256:
e3bf0a444bee9d2bb1522f9aa6233ce8819d3742da9cc2223a179f15700ca103

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/27/2024 2:23:41 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Optional.BeijingAmazGameAgeInternetTechnologyCo.I
14.3.1.14

File size:
108.7 KB (111,296 bytes)

Product version:
0.0.1.8

Copyright:
Copyright (C) 2012

Original file name:
CrashRpt.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Chinese

Common path:
C:\Program Files\mobogenie\crashrpt.dll

Digital Signature
Signed by:
Beijing AmazGame Age Internet Technology Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
3/16/2012 12:00:00 AM

Valid to:
6/16/2015 12:59:59 AM

Subject:
CN="Beijing AmazGame Age Internet Technology Co., Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Beijing AmazGame Age Internet Technology Co., Ltd.", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
22CF7DA7B76FC5C4E77225CFA1BDA497

File PE Metadata
Compilation timestamp:
1/21/2013 5:42:25 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:bziatWHMWYZDHVXPjXdXUbEETxfP71DtrfUxCOZLWo3cY:CRsWYZTpLdXUPH71D9pOZLVr

Entry address:
0x11D22

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, C6, 04, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, CC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, FF, 25, 38, 42, 01, 10, 6A, 14, 68, A0, 60, 01, 10, E8, 38, 02, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81, 38, 63, 73, 6D, E0, 74, 0B, C7, 45, DC, 00, 00, 00, 00, 8B, 45, DC, C3, E8, FC, 04, 00, 00, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF...
 
[+]

Entropy:
6.5498

Code size:
74 KB (75,776 bytes)

The file CrashRpt.dll has been discovered within the following programs.

Genie Cleaner  by Mobogenie.com
www.voga360.com
42% remove it
Mobogenie  by Beijing Yang Fan Jing He Information Consulting Co. Ltd.
Mobogenie is an Android app store portal that may use the OpenCandy, Quick Downloader, Conduit and various other monetization programs to bundle with third party installers. In many cases some versions (mostly older ones) are bundled by third party distribution platforms.
www.mobogenie.com/pc.html
56% remove it
 
Powered by Should I Remove It?

Remove CrashRpt.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.