» hotfix.exe
Overview
Analysis
File Details

hotfix.exe

TODO:

Dragon Top Entertainment Company Limited

File name:

hotfix.exe

Publisher:

TODO: <Company name> (signed by Dragon Top Entertainment Company Limited)

Product:

TODO: <Product name>

Description:

TODO: <File description>

Version:

1.0.0.1

MD5:

e7950c27b46c28c725f53cd54efec1fb

SHA-1:

6c466c961181f169edfd4f6aba9386babb91a0b9

SHA-256:

1e61f535e779142c3bca38e88d22dc1cbba2e4f4ec2afc29e53eacb1924a3b2e

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/25/2024 1:15:59 PM UTC (today)

Scan engine

Detection

Engine version

Vba32 AntiVirus

suspected of Trojan.Downloader.gen.h

3.12.26.3

File size:

1.7 MB (1,749,712 bytes)

Product version:

1.0.0.1

Original file name:

msgfix.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\hotfix\hotfix\hotfix.exe

Digital Signature

Signed by:

Dragon Top Entertainment Company Limited

Authority:

DigiCert Inc

Valid from:

1/22/2014 7:00:00 AM

Valid to:

3/2/2015 7:00:00 PM

Subject:

CN=Dragon Top Entertainment Company Limited, O=Dragon Top Entertainment Company Limited, L=Hanoi City, C=VN

Issuer:

CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

09BD6104E3E9540F8DD893A2B0EDD2DD

File PE Metadata

Compilation timestamp:

4/25/2014 8:04:32 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

49152:US7g7Z4m9gXkU0kBnyqQx2qrej1uK9Iv6HMTjky5:UZamgkLkRyqQx2Eexj9lHMT55

Entry address:

0x1006E4

Entry point:

E8, 57, 6F, 00, 00, E9, 79, FE, FF, FF, 3B, 0D, 78, 29, 57, 00, 75, 02, F3, C3, E9, D9, 6F, 00, 00, 8B, FF, 55, 8B, EC, 51, 53, 56, 57, FF, 35, 88, AF, 57, 00, E8, 32, 69, 00, 00, FF, 35, 84, AF, 57, 00, 8B, F8, 89, 7D, FC, E8, 22, 69, 00, 00, 8B, F0, 59, 59, 3B, F7, 0F, 82, 83, 00, 00, 00, 8B, DE, 2B, DF, 8D, 43, 04, 83, F8, 04, 72, 77, 57, E8, 89, 31, 00, 00, 8B, F8, 8D, 43, 04, 59, 3B, F8, 73, 48, B8, 00, 08, 00, 00, 3B, F8, 73, 02, 8B, C7, 03, C7, 3B, C7, 72, 0F, 50, FF, 75, FC, E8, 0A, 71, 00, 00, 59... 
[+]

Entropy:

6.5131

Code size:

1.2 MB (1,209,344 bytes)

Scan hotfix.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.