» installer_3gs.exe
Overview
Analysis
File Details

installer_3gs.exe

Beijing Tendent Network Technology Co., Ltd.

File name:

installer_3gs.exe

Publisher:

Beijing Tendent Network Technology Co., Ltd. (signed and verified)

Version:

1.0.0.0

MD5:

d12d7cdb306ad4cc4da89e60f213a6c4

SHA-1:

0ef6e1e5b89bfacca980be5e79885b5ef5f4a47d

SHA-256:

53c891e26c9073b20dad40caa86dc3c8b18c5283e7bb2f963c544d320bcdc538

Scanner detections:

3 / 68

Status:

Clean (3 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/16/2024 6:17:54 AM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

W32.Cloda9e.Trojan

1.3.0.4959

Comodo Security

UnclassifiedMalware

17953

VIPRE Antivirus

Trojan.Win32.Generic

27526

File size:

28.6 KB (29,288 bytes)

Product version:

1.0.0.0

File type:

Executable application (Win32 EXE)

Common path:

C:\windows\installer_3gs.exe

Digital Signature

Signed by:

Beijing Tendent Network Technology Co., Ltd.

Authority:

WoSign eCommerce Services Limited

Valid from:

11/29/2012 9:57:53 PM

Valid to:

12/4/2015 5:45:48 PM

Subject:

E=dtren218@sina.com, CN="Beijing Tendent Network Technology Co., Ltd.", O="Beijing Tendent Network Technology Co., Ltd.", L=Beijing, S=Beijing, C=CN

Issuer:

CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:

097226EA19F091

File PE Metadata

Compilation timestamp:

6/20/1992 6:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

384:KIOztk/GyyCMy8CnzteN/5IrqjjspPWUjvm3zWdRXkJCXu0x5fL0CB4EQ2:YC38CzteN7jyejUuSpL0GX

Entry address:

0x46F4

Entry point:

55, 8B, EC, 83, C4, E8, 53, 56, 57, 33, C0, 89, 45, E8, 89, 45, EC, B8, BC, 46, 40, 00, E8, F5, F5, FF, FF, 33, C0, 55, 68, B2, 47, 40, 00, 64, FF, 30, 64, 89, 20, 33, C0, 55, 68, 8D, 47, 40, 00, 64, FF, 30, 64, 89, 20, 8D, 55, EC, B8, 01, 00, 00, 00, E8, 9C, E3, FF, FF, 8B, 45, EC, BA, CC, 47, 40, 00, E8, AF, F0, FF, FF, 75, 07, E8, B4, F8, FF, FF, EB, 35, E8, 19, E3, FF, FF, 48, 7C, 28, 8D, 55, E8, B8, 01, 00, 00, 00, E8, 71, E3, FF, FF, 8B, 45, E8, BA, DC, 47, 40, 00, E8, 84, F0, FF, FF, 75, 0C, E8, DD... 
[+]

Entropy:

6.6232

Developed / compiled with:

Microsoft Visual C++

Code size:

14 KB (14,336 bytes)

Scan installer_3gs.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.