home

emule.exe

easyMule

Shanghai Source Networking Technology Co., Ltd

Publisher:
http://www.verycd.com  (signed by Shanghai Source Networking Technology Co., Ltd)

Product:
easyMule

Version:
1.2.2.111110 Unicode

MD5:
328aa6d6e890423b4440211c6b3d1445

SHA-1:
87b99fe651f92ec85b16245424300c71e3cba49d

SHA-256:
565cbafb898717d2422bd5662a1c3160c01687dc5073bb57b84fc268b0fbed01

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/25/2024 3:02:10 AM UTC  (today)

Scan engine
Detection
Engine version

Zillya! Antivirus
Backdoor.Agent.Win32.49413
2.0.0.1930

File size:
7.5 MB (7,853,216 bytes)

Product version:
1.2.2.111110 Unicode

Copyright:
Copyright ?2002-2008 Merkur - read license.txt for more infos

Original file name:
emule.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\easymule\emule.exe

Digital Signature
Signed by:
Shanghai Source Networking Technology Co., Ltd

Authority:
WoSign eCommerce Services Limited

Valid from:
7/31/2011 9:20:49 AM

Valid to:
8/1/2014 5:18:45 PM

Subject:
E=webmaster@verycd.com, CN="Shanghai Source Networking Technology Co., Ltd", O="Shanghai Source Networking Technology Co., Ltd", L=Shanghai, S=Shanghai, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
0914D82AE35756

File PE Metadata
Compilation timestamp:
11/10/2011 7:57:01 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:uJuCZ6nQYebZejiYpbZ46stlOzG87VMlNStBaqSybT:xYuQPhvtlOzH78NSUI

Entry address:
0x3843F6

Entry point:
E8, 97, FB, 00, 00, E9, 17, FE, FF, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B, 5D, 0C, 8B, 6D, FC, 8B, 63, FC, FF, E0, 5B, C9, C2, 08, 00, 58, 59, 87, 04, 24, FF, E0, 55, 8B, EC, 51, 51, 53, 56, 57, 64, 8B, 35, 00, 00, 00, 00, 89, 75, FC, C7, 45, F8, 60, 44, 78, 00, 6A, 00, FF, 75, 0C, FF, 75, F8, FF, 75, 08, E8, 7C, 04, 03, 00, 8B, 45, 0C, 8B, 40, 04, 83, E0, FD, 8B, 4D, 0C, 89, 41, 04, 64, 8B, 3D, 00, 00, 00, 00...
 
[+]

Entropy:
6.4545

Code size:
4.1 MB (4,333,568 bytes)

Windows Firewall Allowed Program
Name:
easymule1.0


Scan emule.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.