reconengine.exe

BEIJING KUWO TECHNOLOGY CO.,LTD.

Scan reconengine.exe - Powered by Reason Core Security
Publisher:
BEIJING KUWO TECHNOLOGY CO.,LTD.  (signed and verified)

MD5:
8500f1744f2d1ac07fb36d93645a1a0f

SHA-1:
199bcc11f23fe8cea6da4f83239119174cbdf7e8

SHA-256:
6a7ee42154c5191362354c9d5f4bef058f9e9ba48666c98ae011c17f6d2ee801

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/11/2016 3:14:43 AM UTC  (today)

Scan engine
Detection
Engine version

NANO AntiVirus
Trojan.Win32.TrojObfusc.csyffs
0.28.0.58720

File size:
220.4 KB (225,640 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\kuwo\kwmusic2013\bin\reconengine.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
12/6/2011 8:00:00 AM

Valid to:
12/6/2013 7:59:59 AM

Subject:
CN="BEIJING KUWO TECHNOLOGY CO.,LTD.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="BEIJING KUWO TECHNOLOGY CO.,LTD.", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
47D7B3A21FF5C08D6EF21F8C7DEC0CD7

File PE Metadata
Compilation timestamp:
4/26/2013 11:39:54 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
6144:nHRLGwi0z7XvdhRZ8BJLEjOh+jyg5EqkaP:nxqQz7X1hRZ8BJ5h4EqH

Entry address:
0x13A1F

Entry point:
E8, 14, AA, 00, 00, E9, A4, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, FF, 35, 48, 52, 43, 00, 8B, 35, 30, A1, 42, 00, FF, D6, 85, C0, 74, 21, A1, 44, 52, 43, 00, 83, F8, FF, 74, 17, 50, FF, 35, 48, 52, 43, 00, FF, D6, FF, D0, 85, C0, 74, 08, 8B, 80, F8, 01, 00, 00, EB, 27, BE, 34, DE, 42, 00, 56, FF, 15, 08, A1, 42, 00, 85, C0, 75, 0B, 56, E8, 72, B8, FF, FF, 59, 85, C0, 74, 18, 68, 24, DE, 42, 00, 50, FF, 15, D8, A0, 42, 00, 85, C0, 74, 08, FF, 75, 08, FF, D0, 89, 45, 08, 8B, 45, 08, 5E, 5D, C3, 6A, 00, E8, 87...
 
[+]

Entropy:
6.6529

Code size:
163 KB (166,912 bytes)

Scan reconengine.exe - Powered by Reason Core Security