» k8restorewindow.dll
Overview
Analysis
File Details

k8restorewindow.dll

快吧游戏管理器

南京凡游网络技术有限公司

File name:

k8restorewindow.dll

Publisher:

凡游网络 (signed by 南京凡游网络技术有限公司)

Product:

快吧游戏管理器

Description:

快吧游戏窗口化模块

Version:

3.1.1.6271

MD5:

afb447e7daf84757074b610b929d00f0

SHA-1:

9d8c8f0800275da7902a6ae182f67d4c864dd17d

SHA-256:

6a069f6bc7dcd4e4cc032e52513294570c5b5179a8bc04d6d295cef9fe886353

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/20/2024 2:19:31 AM UTC (today)

Scan engine

Detection

Engine version

AVG

Generic

2016.0.3156

File size:

178.6 KB (182,880 bytes)

Product version:

3.1

Original file name:

K8ResotreWindow.dll

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Program Files\kuai8\tool\k8restorewindow.dll

Digital Signature

Signed by:

南京凡游网络技术有限公司

Authority:

WoSign CA Limited

Valid from:

3/17/2014 5:30:26 PM

Valid to:

3/16/2016 5:30:26 PM

Subject:

CN=南京凡游网络技术有限公司, E=pujc@kuai8.com, O=南京凡游网络技术有限公司, L=南京市, S=江苏省, C=CN

Issuer:

CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:

22DD36852F4742969DFC4CAB5050274F

File PE Metadata

Compilation timestamp:

3/16/2015 6:04:39 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

3072:pFecqv6RwTa7MaO56EvNYFA8V6upx9t3GXpcc6l63xQTymCOTGaIROAEN58QAyFb:vwR97vNYy8V6Mjt2Xpcc6l63xQTymCOl

Entry address:

0x1991F

Entry point:

83, 7C, 24, 08, 01, 75, 05, E8, 19, 04, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, CD, FE, FF, FF, 59, C2, 0C, 00, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 50, 78, 02, 10, 89, 0D, 4C, 78, 02, 10, 89, 15, 48, 78, 02, 10, 89, 1D, 44, 78, 02, 10, 89, 35, 40, 78, 02, 10, 89, 3D, 3C, 78, 02, 10, 66, 8C, 15, 68, 78, 02, 10, 66, 8C, 0D, 5C, 78, 02, 10, 66, 8C, 1D, 38, 78, 02, 10, 66, 8C, 05, 34, 78, 02, 10, 66, 8C, 25, 30, 78, 02, 10, 66, 8C, 2D, 2C, 78, 02, 10, 9C, 8F, 05, 60, 78, 02, 10, 8B, 45... 
[+]

Entropy:

6.5641

Code size:

104 KB (106,496 bytes)

Scan k8restorewindow.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.