m1905setup.exe

CHINA MOVIE CHANNEL (CCTV6)

This is a setup and installation application.
Publisher:
CHINA MOVIE CHANNEL (CCTV6)  (signed and verified)

MD5:
1963ae4f06691435723b97169f3f0415

SHA-1:
eeed9d65b27f19cd84f81aa4a2c76bba67f79699

SHA-256:
8e1528f02f0dbe21a4fe9a25590fc060eb39b2ffd248511d1e35e1dce9ecd410

Scanner detections:
5 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/24/2024 10:06:15 PM UTC

Scan engine              Detection                    Engine version
Bkav FE                  W32.Clod21a.Trojan           1.3.0.4959
McAfee                   Artemis!1963AE4F0669         5600.6239
Norman                   Suspicious_Gen2.CHQSE        11.20161022
nProtect                 Trojan/W32.Agent.636432.B    14.07.15.01
Trend Micro House Call   Suspicious_GEN.F47V0711      7.2.296

File size:
621.5 KB (636,432 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\程式\m1905setup.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
8/21/2009 8:00:00 AM

Valid to:
8/21/2012 7:59:59 AM

Subject:
CN=CHINA MOVIE CHANNEL (CCTV6), OU=Digital ID Class 3 - Microsoft Software Validation v2, O=CHINA MOVIE CHANNEL (CCTV6), L=beijing, S=beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
49DF69AB10321AB1932E176B49A99BFC

File PE Metadata
Compilation timestamp:
10/5/2005 5:07:47 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:lkMOeimZXqpbEe7mDoB2Y9hvragDdqm3CgDdT7oX49WuCeJSllL/six:lkMOT4Xq5E6bkshDagD0mS6p7oo9keax

Entry address:
0x36D9

Entry point:
83, EC, 20, 53, 55, 56, 33, F6, 57, 89, 74, 24, 18, BB, D8, A6, 40, 00, 89, 74, 24, 14, C6, 44, 24, 10, 20, FF, 15, 30, 80, 40, 00, 56, FF, 15, 8C, 82, 40, 00, 68, FC, A7, 40, 00, 68, 40, 7A, 44, 00, A3, F0, BA, 44, 00, E8, B8, 29, 00, 00, BD, 00, E0, 47, 00, BF, 00, 20, 00, 00, 55, 57, FF, 15, B8, 80, 40, 00, E8, 79, FF, FF, FF, 85, C0, 75, 24, 68, FB, 1F, 00, 00, 55, FF, 15, B4, 80, 40, 00, 68, F4, A7, 40, 00, 55, E8, A4, 29, 00, 00, E8, 59, FF, FF, FF, 85, C0, 0F, 84, 4B, 01, 00, 00, BE, 00, 40, 47, 00...
 

Entropy:
7.9755  (probably packed)

Code size:
24.5 KB (25,088 bytes)

Scan m1905setup.exe - Powered by Reason Core Security