registryeasy.exe
Qiwang Computer
The application registryeasy.exe by Qiwang Computer has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
File name:
registryeasy.exe
MD5:
c98d58b280d29b280e803235451922ff
SHA-1:
c1b4820811bce74bd51f11fa9a0d5319f5fc3be0
SHA-256:
3a0dc864377e19d6724262c65139cc65a41de63499e42b628d35943a805b7d9a
Scanner detections:
1 / 68
Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.
Analysis date:
4/24/2024 4:46:50 AM UTC (today)
Scan engine
Detection
Engine version
Reason Heuristics
PUP.QiwangComputer (M)
16.2.14.4
File size:
3.1 MB (3,208,184 bytes)
File type:
Executable application (Win32 EXE)
Valid from:
6/16/2008 7:00:00 AM
Valid to:
6/14/2011 6:59:59 AM
Subject:
CN=Qiwang Computer, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Qiwang Computer, L=Nanning, S=Guangxi, C=CN
Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Serial number:
19E46BDB66FF71931FE43DB54F76BE4F
Compilation timestamp:
6/20/1992 5:22:17 AM
CTPH (ssdeep):
98304:Y7zs0oUvIFvqjvC8gMVIOUQ4V95PeQ4y0H:iTgojs1VPmJD
Entropy:
7.9179 (probably packed)
Code size:
36.5 KB (37,376 bytes)