» MyWebHelper.exe
Overview
Analysis
File Details
Downloads (1)

MyWebHelper.exe

《梦幻西游》手游

NetEase(Hangzhou) Network Co. Ltd.

File name:

MyWebHelper.exe

Publisher:

Netease (signed by NetEase(Hangzhou) Network Co. Ltd.)

Product:

《梦幻西游》手游

Version:

1.62.0.0

MD5:

2b90ffb6f415e744754e7a820d076976

SHA-1:

ad1c8ee236607985b6d57014694a94b5413e3e2f

SHA-256:

301ec67251f9a06270922f6a2283f77ab2b41dd6286a6e5d0a9d1927aec4ad15

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

6/23/2025 5:23:03 PM UTC (today)

File size:

118 KB (120,816 bytes)

Product version:

1.62.0.0

Original file name:

MyWebHelper.exe

File type:

Executable application (Win32 EXE)

Digital Signature

Signed by:

NetEase(Hangzhou) Network Co. Ltd.

Authority:

Symantec Corporation

Valid from:

1/28/2016 8:00:00 AM

Valid to:

6/21/2016 7:59:59 AM

Subject:

CN=NetEase(Hangzhou) Network Co. Ltd., OU=NetEase(Hangzhou), O=NetEase(Hangzhou) Network Co. Ltd., L=Hangzhou, S=Zhejiang, C=CN

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

4F3287F0958660AC3A6EC520C2EBDCB8

File PE Metadata

Compilation timestamp:

6/6/2016 9:46:39 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

3072:Wg9StSerMF7cIp5quqcnZ7dmumkMj1BMjjjjyjjjj5AarI:WggtDt0nZpmFh1BRE

Entry address:

0x11F13

Entry point:

E8, 49, 04, 00, 00, E9, 49, FE, FF, FF, 55, 8B, EC, FF, 15, 38, 40, 41, 00, 6A, 01, A3, BC, 85, 41, 00, E8, 3E, 05, 00, 00, FF, 75, 08, E8, 3C, 05, 00, 00, 83, 3D, BC, 85, 41, 00, 00, 59, 59, 75, 08, 6A, 01, E8, 24, 05, 00, 00, 59, 68, 09, 04, 00, C0, E8, 25, 05, 00, 00, 59, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, 36, 05, 00, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, A0, 83, 41, 00, 89, 0D, 9C, 83, 41, 00, 89, 15, 98, 83, 41, 00, 89, 1D, 94, 83, 41, 00, 89, 35, 90, 83, 41, 00, 89, 3D, 8C... 
[+]

Entropy:

6.4801

Code size:

74.5 KB (76,288 bytes)

The file MyWebHelper.exe has been seen being distributed by the following URL.

http://g18.gdl.netease.com/MyWebHelper.exe

Scan MyWebHelper.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.