home

malware95

CrystalDiskInfo

Meicun Ge

The file malware95 has been detected as malware by 5 anti-virus scanners.
Publisher:
Crystal Dew World  (signed by Meicun Ge)

Product:
CrystalDiskInfo

Version:
6.2.0.2014

MD5:
1d3bf61d174ecd10d979b12b0b01a43b

SHA-1:
dd6f9c74a801163cafd5fd5bfb06fc367a6bebf2

SHA-256:
e20b1fb344c98a9e6483669dfa95f9c021ab5da0399db65f4dc8cfcdacc9630e

Scanner detections:
5 / 68

Status:
Malware

Analysis date:
5/5/2024 11:24:38 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

AVG
Generic_r
2016.0.3051

ESET NOD32
Win32/Agent.QES (variant)
9.11920

Microsoft Security Essentials
Trojan:Win32/Hitbrovi!dha
1.1.11804.0

Sophos
Mal/Agent-ARC
4.98

VIPRE Antivirus
Trojan.Win32.Generic.pak!cobra
41884

File size:
366.2 KB (375,000 bytes)

Product version:
6.2.0.2014

Copyright:
Copyright (C) 2008-2014 hiyohiyo. All rights reserved.

Language:
Language Neutral

Digital Signature
Signed by:
Meicun Ge

Authority:
Unizeto Technologies S.A.

Valid from:
9/8/2014 9:49:43 AM

Valid to:
9/8/2015 9:49:43 AM

Subject:
E=meicunge@gmail.com, CN="Open Source Developer, meicun ge", O=Meicun Ge, C=CN

Issuer:
CN=Certum Level III CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
4FC13D6220C629043A26F81B1CAD72D8

File PE Metadata
Compilation timestamp:
12/12/2014 1:39:19 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:WokRiE+wbpUkiAGUIoBib3gedN1GADkp2zRYx63TDFW2qkYMzVX81y0yZV7HJBNP:mRiEFlPGUI+gzdPGADeYNtiC5XuI7p/P

Entry address:
0xB2A9A

Entry point:
E8, 18, 83, FF, FF, 9C, 9C, 8D, 64, 24, 2C, 0F, 85, 78, D6, FF, FF, E8, 1A, 7E, FF, FF, 14, 23, 86, 25, B8, 4F, 45, 7C, 8D, 08, B2, CC, E4, 4D, E1, 4C, E6, 51, ED, 58, 36, 81, 2D, 98, 42, AD, D4, F3, 4F, A0, 1A, 05, 90, 37, 17, 62, 94, 7F, 24, 8B, 74, A7, 65, 0A, D9, CF, 6B, 19, FD, A4, 3B, 5A, A2, 67, 1E, F7, F8, 23, 0D, 6A, 7F, 3D, 58, 62, 66, EF, F5, D5, A9, A4, 46, B1, 83, E6, 9F, E6, 9E, E0, E7, 95, B1, 9A, 42, D0, F6, BB, C2, 00, 0F, 8A, EC, CB, C1, 81, EC, E3, F4, 77, DA, 6A, 4D, 8E, 23, D9, 23, C8...
 
[+]

Code size:
187 KB (191,488 bytes)

Remove malware95 - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.