home

mir1.dat

Shanda Computer (Shanghai) Co., Ltd.

The file mir1.dat has been detected as malware by 6 anti-virus scanners.
Publisher:
SNDA  (signed by Shanda Computer (Shanghai) Co., Ltd.)

Version:
1.8.6.798

MD5:
457e9bd9bd63fb2f4a5a6cbe9731fb36

SHA-1:
852a7a6619b48399883fc387c8b13d1d2c6b394b

SHA-256:
5da895568d8045059d61e683db766f69be7981928ebf391fd254a891c0247057

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
4/26/2024 8:51:02 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/ATRAPS.Gen
7.11.15.240

Comodo Security
UnclassifiedMalware
10433

McAfee
Artemis!457E9BD9BD63
5600.6172

Norman
W32/Crypt.A!genr
11.20161228

Rising Antivirus
Suspicious
23.00.65.161226

VIPRE Antivirus
Trojan.Win32.Generic.pak!cobra
10743

File size:
842.3 KB (862,520 bytes)

Product version:
1.8.4.0

Digital Signature
Signed by:
Shanda Computer (Shanghai) Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
7/16/2011 8:00:00 AM

Valid to:
9/14/2012 7:59:59 AM

Subject:
CN="Shanda Computer (Shanghai) Co., Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Shanda Computer (Shanghai) Co., Ltd.", L=Shanghai, S=Shanghai, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
75CE6E674D4BD1F298B200BA6A1DA079

File PE Metadata
Compilation timestamp:
6/20/1992 6:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x2DD810

Entry point:
60, BE, 00, E0, 60, 00, 8D, BE, 00, 30, DF, FF, C7, 87, A0, 90, 24, 00, 3A, B0, A2, 08, 57, 83, CD, FF, EB, 0E, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 19, 8B, 1E, 83, EE, FC, 11, DB, 72, 10, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 78, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07...
 
[+]

Entropy:
7.9136

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.22 (Delphi) stub

Code size:
832 KB (851,968 bytes)

Remove mir1.dat - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.