home

runer.exe

Cong ty dau tu va phat trien cong nghe thong tin

Publisher:
Cong ty dau tu va phat trien cong nghe thong tin  (signed and verified)

MD5:
8713d10a9f92f0ee06453af584ede34b

SHA-1:
3a3498da870b68eb8737c0f2b5f24194f900a028

SHA-256:
60ea05fc98f1154152667e2543e19527599b1a64050803f047b60382f26eecef

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/25/2024 4:30:53 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/PECompact
7.1.1

Trend Micro House Call
Suspicious_GEN.F47V0131
7.2.57

File size:
157.3 KB (161,096 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\vtcgame\dot kich\runer.exe

Digital Signature
Signed by:
Cong ty dau tu va phat trien cong nghe thong tin

Authority:
VeriSign, Inc.

Valid from:
7/30/2013 7:00:00 AM

Valid to:
8/26/2015 6:59:59 AM

Subject:
CN=Cong ty dau tu va phat trien cong nghe thong tin, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Cong ty dau tu va phat trien cong nghe thong tin, L=Hanoi, S=Hanoi, C=VN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2F318FA88A92CCE830CC187023EC0B36

File PE Metadata
Compilation timestamp:
1/23/2015 3:40:21 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:J/q2cnKxEFjoHcY1+VA/Go0QkHKvZ6oq+Nfgx0qRpfUwO6jF33:7cnKxEdM3+W/GrYy0fgx9RsQH

Entry address:
0x1EF4D

Entry point:
B8, 6C, C7, 45, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 58, 50, E2, 0F, 8A, 3B, 21, 2E, 3B, 4F, A4, 0B, A7, 7E, D1, C1, 32, 55, 1A, D8, 8C, 2B, A7, D8, C5, 74, 18, 32, FF, 43, AE, 37, AB, F7, 6B, 42, BC, B1, 2C, 47, CD, 44, 12, 6A, 30, 4C, 8F, 92, 42, 4A, CE, 68, 72, F7, 4F, DD, 5C, FF, B4, 4D, 0F, 2F, C7, BB, 74, 0A, BC, 4B, 86, 91, 2F, 4A, 2E, 77, 30, A6, 97, D9, E5, 39, 1A, 84, 00, 8B, 0E, 1B, EE, 1F, 81, 2F, AE, 53, 8B...
 
[+]

Entropy:
7.8997

Packer / compiler:
PECompact v2

Code size:
224 KB (229,376 bytes)

The file runer.exe has been discovered within the following program.

New Audition  by VTCGame
au.vtcgame.vn
About 1% of users remove it
 
Powered by Should I Remove It?

Scan runer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.