home

qqcallgw.exe

腾讯QQ

Tencent Technology(Shenzhen) Company Limited

Publisher:
Tencent  (signed by Tencent Technology(Shenzhen) Company Limited)

Product:
腾讯QQ

Version:
8.0.6.629

MD5:
bb2fed67def6d61daaebe8eb86a2cd78

SHA-1:
7a237bb88c653447d41181ad37825f42f9f388e2

SHA-256:
b67d320ac949c90046785f98c05d35928bb18a50e4b08194a02a5dd7849fe141

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/10/2024 10:36:03 PM UTC  (today)

File size:
492.6 KB (504,424 bytes)

Product version:
8.0.0.2

Copyright:
Copyright (C) 1999-2016 Tencent. All Rights Reserved

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\tencent\qq\bin\qqcallgw.exe

Digital Signature
Signed by:
Tencent Technology(Shenzhen) Company Limited

Authority:
VeriSign, Inc.

Valid from:
2/4/2016 8:00:00 AM

Valid to:
3/29/2019 7:59:59 AM

Subject:
CN=Tencent Technology(Shenzhen) Company Limited, OU=研发管理部, O=Tencent Technology(Shenzhen) Company Limited, L=Shenzhen, S=Guangdong, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
52048B9C8A67E28F0CC8CC75813DDC5A

File PE Metadata
Compilation timestamp:
6/29/2016 8:14:04 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:jPhZPVe34V2xtl15v6wtYpZeQXjg831t/OGQwtcENOZbac:jPutl1ppKY831t/OGVccOZec

Entry address:
0x38563

Entry point:
E8, E6, CD, 00, 00, E9, 89, FE, FF, FF, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 69, 33, C0, 8A, 44, 24, 08, 84, C0, 75, 16, 81, FA, 80, 00, 00, 00, 72, 0E, 83, 3D, 4C, A4, 46, 00, 00, 74, 05, E9, 4D, CE, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10, 03, C1, 8B, CA, 83, E2, 03, C1, E9, 02, 74, 06, F3, AB, 85, D2, 74, 0A, 88, 07, 83, C7, 01, 83, EA, 01, 75, F6, 8B, 44, 24, 08...
 
[+]

Entropy:
6.5466

Code size:
327 KB (334,848 bytes)

The file qqcallgw.exe has been seen being distributed by the following URL.

http://dldir1.qq.com/qmbs/.../QQUrlMgr_QQ80_0629.exe

Scan qqcallgw.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.