home

delegate_execute.exe

Kinza

Dayz Corporation

Publisher:
Dayz Inc.  (signed by Dayz Corporation)

Product:
Kinza

Version:
41.0.2272.101

MD5:
684d4b4348c99cb8a84978aa8af56552

SHA-1:
8e40f84f7aaf551eccdca0cb222a214aaf1b9e4c

SHA-256:
6f6d8dc150fb6d82f9a07b1bde41735eed4b86c1fcc3ba733a00c33b232c8b7c

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/30/2024 5:21:28 AM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
Suspicious_GEN.F47V0331
7.2.100

File size:
637.9 KB (653,216 bytes)

Product version:
41.0.2272.101

Copyright:
Copyright 2015 Dayz Inc. All rights reserved.

Original file name:
delegate_execute.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\kinza\application\41.0.2272.101\delegate_execute.exe

Digital Signature
Signed by:
Dayz Corporation

Authority:
GlobalSign nv-sa

Valid from:
3/27/2015 7:30:01 PM

Valid to:
8/23/2016 9:27:17 PM

Subject:
E=info@dayz.jp, CN=Dayz Corporation, O=Dayz Corporation, L=Chuou, S=Tokyo, C=JP

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121962E3A3D6FCB7EB9C152DD4EE214824C

File PE Metadata
Compilation timestamp:
3/26/2015 10:58:00 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:STgKAfwIatj1fhqcMfHGG42TE1bfCNfij23ob10KaAeTX5+JL8wh2efvBD:75atGcH4ePHV25FexD

Entry address:
0x358CF

Entry point:
E8, 75, CB, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 8B, 55, 0C, A1, 68, 92, 49, 00, F7, D2, 8B, 4D, 08, 23, D0, 23, 4D, 0C, 0B, D1, 89, 15, 68, 92, 49, 00, 5D, C3, E8, 32, 08, 00, 00, 85, C0, 74, 08, 6A, 16, E8, 50, 08, 00, 00, 59, F6, 05, 68, 92, 49, 00, 02, 74, 21, 6A, 17, E8, 87, 20, 02, 00, 85, C0, 74, 05, 6A, 07, 59, CD, 29, 6A, 01, 68, 15, 00, 00, 40, 6A, 03, E8, C7, F5, FF, FF, 83, C4, 0C, 6A, 03, E8, 99, 32, 00, 00, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 56, 33, C0, 50, 50, 50, 50, 50, 50, 50, 50, 8B...
 
[+]

Entropy:
6.6658

Code size:
352 KB (360,448 bytes)

Scan delegate_execute.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.