home

d107929ab8c6a91646a03fa4a8197b0b.exe

Shenzhen Enode Technology Co., Ltd.

This is a setup and installation application.
Publisher:
XCube  (signed by Shenzhen Enode Technology Co., Ltd.)

Product:
XCube

Description:
XCube's Install Program

Version:
1.6.0.878

MD5:
ad5cc8f54c11978d5cfbc0e9de77980f

SHA-1:
e12d11070b7b42de68cbdacc81dc3b0fb55f8df9

Scanner detections:
4 / 68

Status:
Clean  (4 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/23/2024 6:57:27 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:SaliCode
2014.9-160211

ESET NOD32
Detection.Undefined
10.7.0.302.0

Microsoft Security Essentials
Threat.Undefined
1.213.5577.0

VIPRE Antivirus
Threat.4721115
46960

File size:
3.2 MB (3,342,288 bytes)

Product version:
1.6.0.878

Copyright:
Copyright (C) 2001-2015

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\d107929ab8c6a91646a03fa4a8197b0b.exe

Digital Signature
Signed by:
Shenzhen Enode Technology Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
4/1/2013 2:00:00 AM

Valid to:
4/1/2016 1:59:59 AM

Subject:
CN="Shenzhen Enode Technology Co., Ltd.", OU=Development Department, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Shenzhen Enode Technology Co., Ltd.", L=Shenzhen, S=Guangdong, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
60F6AD6D09199C81989F5CD146FBBF4F

File PE Metadata
Compilation timestamp:
12/25/2013 7:01:32 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:Mf/Bmg6m3Epe7y5qwNwEEMLiWStqx2QvnF0yVgfn9uzMS6tVC5jSOgLWpz1Ui6cU:+swZy0wiGL5S/ILK9G6tuaLW3UkCLuNE

Entry address:
0x31FD

Entry point:
F2, 55, EB, 02, 8B, FD, 30, DD, F3, 02, DC, B5, 9D, 70, 04, 89, E9, FE, CD, 81, FD, 6A, D3, 00, 00, 86, E5, 28, E7, C7, C7, 83, 54, BA, F3, 8D, 35, E9, 3E, D0, 90, B9, C7, 15, BB, AC, 30, F1, 4D, 0F, B7, D8, 89, F3, F7, C3, C6, 0D, FC, CE, 75, 0A, 35, A0, 58, 15, BE, 0F, AF, F1, 30, DC, 2B, C9, 86, C0, 8B, C1, FF, C5, 81, F1, A7, 8A, FF, FF, FF, C7, BB, 40, AD, CD, FC, 81, C1, 02, 83, 00, 00, 0F, BF, C2, 0F, BF, C2, 8D, 11, 0F, B7, F3, 81, EA, 23, 09, 00, 00, 8B, FE, 0F, AF, CB, 86, FD, 81, D1, 21, A6, 75...
 
[+]

Entropy:
7.9963  (probably packed)

Code size:
23.5 KB (24,064 bytes)

Scan d107929ab8c6a91646a03fa4a8197b0b.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.