home

PowerEnterPINGAN.OCX

POWERENTER

中国平安保险(集团)股份有限公司

Publisher:
CSII  (signed by 中国平安保险(集团)股份有限公司)

Product:
POWERENTER

Description:
平安银行安全输入控件

Version:
2, 3, 7, 0

MD5:
501caef2a32f2864635fd0a586291817

SHA-1:
eff2c4b49a508cc0c508d2579645f00f8223aaa4

SHA-256:
87f9c556d4aea89b81f21da5828a65c1920cd5da0a3c5daf5c29ebba2ab9ceee

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
6/1/2024 2:53:52 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.Packed
1.3.0.6267

File size:
977.4 KB (1,000,864 bytes)

Product version:
2, 3, 7, 0

Copyright:
Copyright (C) 2008-2012 CSII

Trademarks:
POWERENTER

Original file name:
PowerEnterPINGAN.OCX

File type:
OLE control extension (Win32 OCX)

Common path:
C:\windows\downloaded Program Files\powerenterpingan.ocx

Digital Signature
Signed by:
中国平安保险(集团)股份有限公司

Authority:
WoSign eCommerce Services Limited

Valid from:
7/10/2012 10:54:23 PM

Valid to:
7/14/2015 6:34:32 PM

Subject:
E=postmaster@pingan.com.cn, CN=中国平安保险(集团)股份有限公司, O=中国平安保险(集团)股份有限公司, L=深圳市, S=广东省, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
12D59960D6E362

File PE Metadata
Compilation timestamp:
11/23/2012 11:46:30 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:vBt128CzETVsQHuoFSZ+DHIO26AiPtaF0LQQT:Zq8CzETxFSoD/1ayL5T

Entry address:
0x17D1F2

Entry point:
E9, AD, F4, FF, FF, 88, 54, 24, 04, 50, 89, EC, E8, F1, 04, 00, 00, 1D, 06, 50, FE, 6D, 22, 77, BA, BA, 40, 9E, C1, BC, 90, 3E, 90, 16, 98, 2A, 64, 03, 8C, 0F, A0, 13, BC, A0, B3, AF, 9C, B4, A7, 3C, 93, 1D, 93, 18, 57, 59, BC, 32, D7, 39, 5B, BE, 70, FE, FB, 53, 26, E5, 49, 85, 03, 57, BC, 55, 01, 8A, 42, 5D, EC, 27, C4, 6E, 23, 4E, EB, B9, 6F, 3D, B3, 02, 8B, 6D, 88, 8B, 53, BA, 0B, E8, 43, 16, 19, C7, C9, 23, F1, 42, 43, 5C, 93, 5B, F8, CE, 15, 60, 23, 54, 59, 00, ED, 94, 28, E4, B1, 38, 89, 20, 8D, 04...
 
[+]

Entropy:
7.8503

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
164 KB (167,936 bytes)

ActiveX Install
Name:
{3BD97475-E081-45B3-A355-8B74E176B1F6}


Scan PowerEnterPINGAN.OCX - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.