home

leoso_b037.exe

Jiangxi province network game Ltd.

Publisher:
Jiangxi province network game Ltd.  (signed and verified)

Version:
1.0.0.0

MD5:
66b1f83903327c8519f8440526e96354

SHA-1:
a18fb3fd5b9a7ead37a8956b4b92b1f0a4ccc619

SHA-256:
6c01d6c80de9f0f1596c6a7e678a3cdbd473a5af147ec529b695e7c41343f038

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 9:09:55 PM UTC  (today)

File size:
4 MB (4,181,152 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\leoso_b037.exe

Digital Signature
Signed by:
Jiangxi province network game Ltd.

Authority:
Thawte, Inc.

Valid from:
3/10/2012 8:00:00 AM

Valid to:
3/11/2013 7:59:59 AM

Subject:
CN=Jiangxi province network game Ltd., OU=Technology, O=Jiangxi province network game Ltd., L=nanchang, S=jiangxi, C=CN

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
3B977AA859CD93C1B76C2B7358B063BD

File PE Metadata
Compilation timestamp:
11/26/2012 12:15:36 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:c3Wu/h06nLuS0TcmBTL8qHH4CTgZz35VBL1X3UhD+RkRPBd7RT7OdM8fdTal:c3Wu5eION49z35Vx10R+SYdM8fdTal

Entry address:
0x21D6C8

Entry point:
55, 8B, EC, 83, C4, F0, B8, E8, 4D, 61, 00, E8, BC, E4, DE, FF, A1, 78, 05, 75, 00, 8B, 00, E8, 0C, 9A, F1, FF, B1, 01, BA, 2C, D7, 61, 00, A1, 8C, 93, 4E, 00, E8, 0B, D8, ED, FF, 8B, 0D, 98, 07, 75, 00, A1, 78, 05, 75, 00, 8B, 00, 8B, 15, 60, 92, 5C, 00, E8, FB, 99, F1, FF, A1, 78, 05, 75, 00, 8B, 00, E8, 53, 9B, F1, FF, E8, 8A, 9F, DE, FF, 00, 00, B0, 04, 02, 00, FF, FF, FF, FF, 0E, 00, 00, 00, 54, 00, 75, 00, 72, 00, 71, 00, 75, 00, 6F, 00, 69, 00, 73, 00, 65, 00, 20, 00, 47, 00, 72, 00, 61, 00, 79, 00...
 
[+]

Entropy:
7.1338

Developed / compiled with:
Microsoft Visual C++

Code size:
2.1 MB (2,212,864 bytes)

Scan leoso_b037.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.