home

infection update vi.exe

Shared Folder Protector

Liao Guobo

Publisher:
KakaSoft  (signed by Liao Guobo)

Product:
Shared Folder Protector

Description:
A useful tool to protect your shared folder

Version:
4.7.0.299

MD5:
6a562afc8df2d72b6dcfd697d3629eec

SHA-1:
b042a5c3913826e4966aa971a4716c36a20fe5e4

SHA-256:
083d91e8ae0bf8d2e322bfe2c209cba261f1ab55cf82e159c806514dc2a23510

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/24/2024 12:23:45 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.TsCabk
1.3.0.4959

Norman
Obfuscated_T
11.20160207

File size:
4.2 MB (4,351,856 bytes)

Copyright:
Copyright 2011 KakaSoft.All rights reserved

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
Liao Guobo

Authority:
StartCom Ltd.

Valid from:
11/26/2011 7:44:42 AM

Valid to:
11/27/2013 6:03:59 AM

Subject:
E=support@hoposoft.com, CN=Liao Guobo, L=Shenzhen, S=Guangdong, C=CN, Description=575657-pU7OeW9FKsyh29tD

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
04AA

File PE Metadata
Compilation timestamp:
9/25/2012 1:46:16 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:YECc39HaoSmFqBsJ3y8EOaSdz3uRzaHqJk1w0fItZbIw31NUxg5+IyCHt6QOT/KS:YEZty8jiRzaHqJk1w0c/4xaUCHtG5Mq

Entry address:
0x3469F8

Entry point:
E8, 1C, D3, 00, 00, E9, FC, DA, FF, FF, D0, D8, 84, E7, 8A, 07, 66, 0F, A3, DF, 9C, 60, 3C, 41, 9C, E9, D9, 97, 00, 00, 8D, 53, 04, 66, BE, A4, FB, 89, 7C, 24, 04, 57, E8, A6, F0, FF, FF, 00, 00, 50, 6F, 73, 74, 51, 75, 69, 74, 4D, 65, 73, 73, 61, 67, 65, 00, 00, 00, 47, 65, 74, 4B, 65, 79, 62, 6F, 61, 72, 64, 4C, 61, 79, 6F, 75, 74, 00, 8D, 64, 24, 10, 0F, 83, C4, D2, FF, FF, 87, FB, 89, C3, 8D, 8E, B2, FC, 06, FC, 89, C7, E8, 13, BB, FF, FF, 00, 00, 56, 69, 72, 74, 75, 61, 6C, 46, 72, 65, 65, 00, 00, 00...
 
[+]

Entropy:
6.5204

Code size:
3.1 MB (3,256,832 bytes)

Scan infection update vi.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.