» default.exe
Overview
Analysis
File Details

default.exe

Cong Ty Dau Tu Va Phat Trien Cong Nghe Thong Tin

File name:

default.exe

Publisher:

Cong Ty Dau Tu Va Phat Trien Cong Nghe Thong Tin (signed and verified)

MD5:

b3f01738f661957ec8c5a09e38a0ac4a

SHA-1:

9d146e62631217c2f02ae5b07ef8b445a718727b

SHA-256:

68ac56b056617432fe50860c65cf36b66e9373b658ca7ba3f84232400b1ef2a2

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/20/2024 2:04:01 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Packed/PECompact

7.1.1

File size:

107.8 KB (110,432 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\vtcgame\dot kich\default.exe

Digital Signature

Signed by:

Cong Ty Dau Tu Va Phat Trien Cong Nghe Thong Tin

Authority:

VeriSign, Inc.

Valid from:

7/25/2011 7:00:00 AM

Valid to:

7/26/2013 6:59:59 AM

Subject:

CN=Cong Ty Dau Tu Va Phat Trien Cong Nghe Thong Tin, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Cong Ty Dau Tu Va Phat Trien Cong Nghe Thong Tin, L=Hanoi, S=Hanoi, C=VN

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

1163AFD815645B4622FAC27B357AE85B

File PE Metadata

Compilation timestamp:

5/4/2013 8:53:46 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

3072:KLgy3iSEx/yONYKMz8/DmmpTBeFWVcItG8q73:KOSExHkQhpTBeFWGIt5O

Entry address:

0xDBA2

Entry point:

B8, 04, C7, 43, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 2D, 40, A7, DD, D6, 1F, B9, A5, EB, FC, 27, 69, DC, 4A, A8, 02, E6, FF, 82, BB, 66, A6, E4, DC, C3, 46, EE, EC, 7D, 0C, BC, BA, 7E, 12, 45, FD, 3C, 91, DE, C5, F1, 2C, 7E, 9F, C5, DF, 9B, C0, 6B, AF, 7D, F0, 1C, 2B, A9, 01, A3, 7A, C4, 33, 50, A1, 18, EA, FD, FC, 44, 9A, 11, 2B, 0C, C7, D1, 58, 6A, 73, B9, 8D, 46, 00, 7C, 44, 7B, FA, D5, 1B, A4, 5A, 08, 0D, B8, D9, 67... 
[+]

Packer / compiler:

PECompact v2

Code size:

144 KB (147,456 bytes)

Scan default.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.