home

efpatcher.tws

Blaze Loong Technologies Co., Ltd

Publisher:
Blaze Loong Technologies Co., Ltd  (signed and verified)

MD5:
04f02de3caa8efc5e5afde13e3cbb43a

SHA-1:
75bebfd0b47c19302bc1e24cde384842e9422762

SHA-256:
7b4ad71b5e1bec3f9bba843b5e979368441f123c4a3b83217c8855b8db790a82

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/29/2024 1:53:25 AM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
HEUR/Malware.QVM10.Gen
1.0.0.1015

File size:
3.1 MB (3,259,632 bytes)

Common path:
C:\Windows\System32\efpatcher.tws

Digital Signature
Signed by:
Blaze Loong Technologies Co., Ltd

Authority:
WoSign eCommerce Services Limited

Valid from:
8/1/2011 9:17:44 AM

Valid to:
8/2/2012 4:42:59 AM

Subject:
E=support@bltech.cn, CN="Blaze Loong Technologies Co., Ltd", O="Blaze Loong Technologies Co., Ltd", L=Chengdu, S=Sichuan, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
1234F10C2018DA

File PE Metadata
Compilation timestamp:
1/17/2012 10:49:01 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:hoa6OgDP6jtTRpr09rpprvftzh8dvXD3w0NjW4KqQk:MOA6jt9wrpprvfIril4

Entry address:
0x437CC

Entry point:
E8, 95, D0, 00, 00, E9, 78, FE, FF, FF, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, A0, 8B, 46, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, A0, 8B, 46, 00, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F4, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F...
 
[+]

Code size:
357 KB (365,568 bytes)

Scan efpatcher.tws - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.