qiyilittle_02_11.exe

QIYI 奇艺影音

BEIJING QIYI CENTURY SCIENCE&TECHNOLOGY CO.,LTD.

The application qiyilittle_02_11.exe by BEIJING QIYI CENTURY SCIENCE&TECHNOLOGY CO.,LTD has been detected as a potentially unwanted program by 31 anti-malware scanners.
Publisher:
BEIJING QIYI CENTURY SCIENCE&TECHNOLOGY CO.,LTD.
Product:
QIYI 奇艺影音

Description:
QIYI 奇艺影音在线安装

Version:
1, 0, 0, 1

MD5:
344355ccfe6626fb857527ab538012d6

SHA-1:
b4cf48884353239b001d2f3cb0cd391dfdb61c38

SHA-256:
953b78229c3c4647f01118c773cc224d6012d9aaeb4bdd4a1f4ed13d5bcb3fc8

Scanner detections:
31 / 68

Status:
Potentially unwanted

Analysis date:
4/24/2024 5:01:36 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Trojan.Generic.9051631 | -3
AegisLab AV Signature | Troj.Generic!c | 2.1.4+
AhnLab V3 Security | Win-Trojan/Agent.154776 | 2016.06.02
Avira AntiVirus | TR/Symmi.10588.1 | 8.3.3.4
Arcabit | Trojan.Generic.D8A1DEF | 1.0.0.696
avast! | Win32:Malware-gen | 2014.9-170206
Bitdefender | Trojan.Generic.9051631 | 1.0.20.185
Bkav FE | W32.DreamWormH.Trojan | 1.3.0.8042
Clam AntiVirus | Win.Adware.Downware-529 | 0.98/21511
Comodo Security | TrojWare.Win32.Rogue.BBS | 25149
Dr.Web | BackDoor.Crispit.2 | 9.0.1.037
Emsisoft Anti-Malware | Trojan.Generic.9051631 | 8.17.02.06.04
ESET NOD32 | Win32/Hao123.A potentially unwanted (variant) | 11.13581
Fortinet FortiGate | Adware/Hao123 | 2/6/2017
F-Prot | W32/FakeAlert.WG.gen | v6.4.7.1.166
F-Secure | Trojan.Generic.9051631 | 11.2017-06-02_2
G Data | Trojan.Generic.9051631 | 17.2.25
IKARUS anti.virus | Trojan.SuspectCRC | t3scan.2.0.9.0
K7 AntiVirus | Adware | 13.227.19779
Malwarebytes | Trojan.Chad | v2017.02.06.04
McAfee | Trojan-FAUI!344355CCFE66 | 5600.6131
MicroWorld eScan | Trojan.Generic.9051631 | 18.0.0.111
NANO AntiVirus | Trojan.Win32.Crispit.bfhhpb | 1.0.30.8482
nProtect | Trojan/W32.Agent.155216.G | 16.06.01.01
Sophos | Mal/Generic-S | 4.98
SUPERAntiSpyware | Trojan.Agent/Gen-Rogue | 8608
Trend Micro House Call | TROJ_SPNR.3AJG13 | 7.2.37
Trend Micro | TROJ_SPNR.3AJG13 | 10.465.06
VIPRE Antivirus | Trojan.Win32.Generic | 49804
ViRobot | Trojan.Win32.Z.Rogue.155216.J[h] | 2014.3.20.0
Zillya! Antivirus | Downloader.Hao123.Win32.1 | 2.0.0.2903

File size:
151.6 KB (155,216 bytes)

Product version:
1, 0, 0, 1

Copyright:
(C) 2010 QIYI.COM All Rights Reserved.

Original file name:
LiteInstall.EXE

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\users\{user}\appdata\local\temp\qiyilittle_02_11.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
12/28/2010 8:00:00 AM

Valid to:
12/28/2013 7:59:59 AM

Subject:
CN="BEIJING QIYI CENTURY SCIENCE&TECHNOLOGY CO.,LTD.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="BEIJING QIYI CENTURY SCIENCE&TECHNOLOGY CO.,LTD.", L=beijing, S=beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
538E4B92BDF74EF5BC1D025B2D4F22C6

File PE Metadata
Compilation timestamp:
11/7/2012 6:47:24 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x8428

Entry point:
E8, 78, 56, 00, 00, E9, 89, FE, FF, FF, C7, 01, 4C, 17, 41, 00, E9, FE, FD, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, F1, C7, 06, 4C, 17, 41, 00, E8, EB, FD, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, A5, F4, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 56, 57, 8B, 7D, 08, 8B, 47, 04, 85, C0, 74, 47, 8D, 50, 08, 80, 3A, 00, 74, 3F, 8B, 75, 0C, 8B, 4E, 04, 3B, C1, 74, 14, 83, C1, 08, 51, 52, E8, FF, 2C, 00, 00, 59, 59, 85, C0, 74, 04, 33, C0, EB, 24, F6, 06, 02, 74, 05, F6, 07, 08, 74, F2, 8B, 45, 10...
 

Entropy:
6.9059

Code size:
61 KB (62,464 bytes)
