hge.dll

杭州浮云网络科技有限公司

Publisher:
杭州浮云网络科技有限公司  (signed and verified)

MD5:
2e37cbbe1a075abd6b7be32107d1b1f4

SHA-1:
4988a79434968a8d63fd02aa0e24556cd0c8bd0d

SHA-256:
5a17cbab4f94ca661db9e47fe3a63fe6c2cad368fd7f02c0b65660e2e86f9247

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
5/18/2024 11:48:54 AM UTC  (today)

Scan engine:
Trend Micro House Call

Detection:
Suspicious_GEN.F47V0811

Engine version:
7.2.129

File size:
160 KB (163,792 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\91ygame\hge.dll

Digital Signature
Authority:
WoSign eCommerce Services Limited

Valid from:
9/16/2013 5:21:20 PM

Valid to:
9/19/2014 12:35:54 AM

Subject:
E=fuyun@91y.com, CN=杭州浮云网络科技有限公司, O=杭州浮云网络科技有限公司, L=杭州市, S=浙江省, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
0C1F891CECDC6B

File PE Metadata
Compilation timestamp:
7/14/2014 10:30:32 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
1536:pGLoYoRfM+A4COZcp48XIFzcgs3YglmqiXBdO8jaLQxYBlwSmUPgE4iZyG+05L+5:pdmH41eZqpszmd2LwSn4i55L+/TBfCKH

Entry address:
0xC14F

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 86, 80, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 83, EC, 10, 56, FF, 75, 0C, 8D, 4D, F0, E8, E2, E9, FF, FF, 8B, 75, 08, 0F, BE, 06, 50, E8, AF, 82, 00, 00, 83, F8, 65, EB, 0C, 46, 0F, B6, 06, 50, E8, 5D, 81, 00, 00, 85, C0, 59, 75, F1, 0F, BE, 06, 50, E8, 92, 82, 00, 00, 59, 83, F8, 78, 75, 02, 46, 46, 8B, 4D, F0, 8B, 89, BC, 00, 00, 00, 8B, 09, 8A, 06, 8A, 09, 88, 0E, 46, 8A, 0E, 88, 06, 8A, C1...

Entropy:
6.7726

Code size:
102.5 KB (104,960 bytes)

Scan hge.dll - Powered by Reason Core Security