OtakuMovie.exe

Shangrao Yuwang Technology Co., Ltd.

It is set to execute automatically when any user logs into Windows (through the all-users Run registry key), under the name 'OtakuMovie'.

Publisher:
上饶市渝网科技有限公司  (signed by Shangrao Yuwang Technology Co., Ltd.)

Description:
宅男影音

Version:
1, 2, 4, 2

MD5:
a179d74ef1cf4b621b915a9e142cc426

SHA-1:
455e00634da95231f6ef3deb0310e8269bf43fe8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 12:00:13 AM UTC

File size:
1.2 MB (1,230,648 bytes)

Product version:
1, 2, 4, 2

Copyright:
Copyright (T) 2005-2013

Original file name:
OtakuMovie.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\otakumovie13091700\otakumovie.exe

Digital Signature
Authority:
WoSign eCommerce Services Limited

Valid from:
3/20/2013 12:27:07 PM

Valid to:
3/22/2014 7:31:32 PM

Subject:
E=cq198@sina.com, CN="Shangrao Yuwang Technology Co., Ltd.", O="Shangrao Yuwang Technology Co., Ltd.", L=Shangrao, S=Jiangxi, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
22F387FECA36D7

File PE Metadata
Compilation timestamp:
9/16/2013 4:07:23 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:HLQBqzBmTJ/barx1d9Fbb17WTwT598XmyFpkd:iAoTI/FvNWTwl982yFm

Entry address:
0xA53E8

Entry point:
E8, 7C, 32, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 5D, E9, 50, 0C, 00, 00, 3B, 0D, 80, 6B, 4D, 00, 75, 02, F3, C3, E9, F8, 32, 00, 00, 8B, FF, 55, 8B, EC, 6A, 0A, 6A, 00, FF, 75, 08, E8, AF, 35, 00, 00, 83, C4, 0C, 5D, C3, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, 35, 6C, 51, 4B, 00, 57, FF, 35, E8, A4, 4D, 00, FF, D6, FF, 35, E4, A4, 4D, 00, 8B, D8, 89, 5D, FC, FF, D6, 8B, F0, 3B, F3, 0F, 82, 81, 00, 00, 00, 8B, FE, 2B, FB, 8D, 47, 04, 83, F8, 04, 72, 75, 53, E8, B5, 36, 00, 00, 8B, D8, 8D, 47, 04, 59...
 

Entropy:
7.0504

Code size:
719.5 KB (736,768 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
OtakuMovie

Command:
"C:\Program Files\otakumovie13091700\otakumovie.exe" -system

