home

qqintl2.11.exe

QQ International

Tencent Technology(Shenzhen) Company Limited

This is a setup program which is used to install the application. This file is installed with the program QQ International. The file has been seen being downloaded from filehippo.com and multiple other hosts.
Publisher:
Tencent  (signed by Tencent Technology(Shenzhen) Company Limited)

Product:
QQ International

Version:
1.91.1369.0

MD5:
d07fd6a65a1ff57760a2f6497cc955c2

SHA-1:
030df82390e7962177fcef66fc1a0fd1a3ba4090

SHA-256:
a08e5d8432ad41745cfe92479a9a0c3328a546c27f05486392ca7b77b1cb02a8

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/28/2024 10:23:43 AM UTC  (today)

Scan engine
Detection
Engine version

NANO AntiVirus
Trojan.Win32.RunOnce.ctiywu
0.28.0.58101

File size:
47.6 MB (49,880,760 bytes)

Product version:
1.91.1369.0

Copyright:
Copyright (C) 2013 Tencent. All Rights Reserved

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\qqintl2.11.exe

Digital Signature
Signed by:
Tencent Technology(Shenzhen) Company Limited

Authority:
VeriSign, Inc.

Valid from:
1/16/2013 7:00:00 PM

Valid to:
2/16/2016 6:59:59 PM

Subject:
CN=Tencent Technology(Shenzhen) Company Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Tencent Technology(Shenzhen) Company Limited, L=shenzhen, S=guangdong, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7170BD93CF3F189AE6452B514C49340E

File PE Metadata
Compilation timestamp:
1/20/2014 7:39:18 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
786432:KRp4znxWzixJ4jlVpDLRy0nLetYBYwCg8Ht00bQ36HyOodcu8H7qEpTsBU1mjvXR:Kn4LIz2J4ZLlTKKB47Ndu1OoGnpTUcmF

Entry address:
0xA8E66

Entry point:
E8, 77, CA, 00, 00, E9, 17, FE, FF, FF, 55, 8D, AC, 24, 58, FD, FF, FF, 81, EC, 28, 03, 00, 00, A1, D4, A4, 51, 00, 33, C5, 89, 85, A4, 02, 00, 00, F6, 05, DC, A4, 51, 00, 01, 56, 74, 08, 6A, 0A, E8, 6C, 6B, 00, 00, 59, E8, 21, CB, 00, 00, 85, C0, 74, 08, 6A, 16, E8, 23, CB, 00, 00, 59, F6, 05, DC, A4, 51, 00, 02, 0F, 84, A0, 00, 00, 00, 89, 85, 88, 00, 00, 00, 89, 8D, 84, 00, 00, 00, 89, 95, 80, 00, 00, 00, 89, 5D, 7C, 89, 75, 78, 89, 7D, 74, 66, 8C, 95, A0, 00, 00, 00, 66, 8C, 8D, 94, 00, 00, 00, 66, 8C...
 
[+]

Entropy:
7.9951  (probably packed)

Code size:
916 KB (937,984 bytes)

The file qqintl2.11.exe has been discovered within the following program.

QQ International  by Tencent Technology (Shenzhen) Company Limited
Publisher's description - “Video calls, voice messages, texting with heaps of fun emoticons. QQ makes sharing moments and memories much easier... The fun is always on with 100+ million online users at any time. QQ comes with a built-in translator for all your chats.”
www.tencent.com
5% remove it
 
Powered by Should I Remove It?

The file qqintl2.11.exe has been seen being distributed by the following 50 URLs.

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

temp:QQintl2.11.exe

http://dlsw.baidu.com/sw-search-sp/soft/85/.../QQIntl2.11.1437622011.exe

https://api.asm.skype.com/v1/objects/0-sa-d4-53a7f1282dde415595d63955c92d0594/.../original

http://filehippo.com/download/file/.../

http://cdn2.mydown.yesky.com/soft/.../QQintl2.11.exe

https://www.dropbox.com/pri/.../QQIntl2.11.exe

https://www.google.com/url?hl=en&q=http://dldir1.qq.com/qqfile/QQIntl/.../QQIntl2.11.exe&source=gmail&ust=1472940765343000&usg=AFQjCNEzeSAlT6TZPDJf2lbG4sdL30Sa2A

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

https://d1ob5g40gc5b6g.cloudfront.net/41/401835/.../QQintl2.11.exe

http://download.softpedia.com/dl/132e22cdf4c91923c2e3970dbf6030de/580deb7d/100189469/software/internet/.../QQintl2.11.exe

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

https://www.google.com/url?hl=en&q=http://dldir1.qq.com/qqfile/QQIntl/.../QQIntl2.11.exe&source=gmail&ust=1478959271782000&usg=AFQjCNFTbt9CbLJhchaHgylvi5XxEvfmEg

http://filehippo.com/it/download/file/.../

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://dl1.filehippo.com/.../QQintl2.11.exe

http://qq-international.soft32.com/download-my-file/.../

https://sz-btfs-yun-ftn.weiyun.com/ftn_handler/.../QQIntl2.11.exe

http://filehippo.com/download/file/.../

http://dl2.filehippo.com/.../QQintl2.11.exe

http://filehippo.com/download/file/.../

http://indir.gezginler.net/i/17770/.../

http://filehippo.com/download/file/.../

Latest 30 of 55 download URLs

Scan qqintl2.11.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.