home

sddown.exe

Shanda Computer (Shanghai) Co., Ltd.

Publisher:
Shanda Computer (Shanghai) Co., Ltd.  (signed and verified)

Version:
1.6.5.2294

MD5:
990f9a447f957a449963c357320ad16b

SHA-1:
d0a76acbffcc9650f017e0f91cb7eb47f9100959

SHA-256:
517095291df45266b94cb0aeb62e6153fd42c10b12bf3cc1ebf9bfa5cc976011

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 7:14:58 AM UTC  (today)

File size:
3.4 MB (3,574,632 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\????????\??????????\sddown.exe

Digital Signature
Signed by:
Shanda Computer (Shanghai) Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
7/9/2010 3:00:00 AM

Valid to:
8/9/2011 2:59:59 AM

Subject:
CN="Shanda Computer (Shanghai) Co., Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Shanda Computer (Shanghai) Co., Ltd.", L=Shanghai, S=Shanghai, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
69CB0E69CC536D14C6432379283875DA

File PE Metadata
Compilation timestamp:
11/29/2010 9:09:34 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:8YYjOKKhCCE1NExpGfgUGJ/tNqevs2lG+dexlVh/CklS3lPrHq8:8YYjCPGfgUGJ/tNqeve9lV5CklSRTl

Entry address:
0x2A84A4

Entry point:
55, 8B, EC, B9, 07, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, 56, 57, B8, D8, 4A, 6A, 00, E8, E4, F4, D5, FF, 33, C0, 55, 68, 85, 88, 6A, 00, 64, FF, 30, 64, 89, 20, B8, 9C, 88, 6A, 00, E8, 8C, 94, D6, FF, 84, C0, 74, 0A, 68, D0, 07, 00, 00, E8, 42, 96, D6, FF, E8, 45, C5, FF, FF, 84, C0, 0F, 85, 13, 01, 00, 00, B8, 9C, 88, 6A, 00, E8, 67, 94, D6, FF, 84, C0, 0F, 84, 8A, 00, 00, 00, 68, E8, 03, 00, 00, E8, 19, 96, D6, FF, E8, 1C, C5, FF, FF, 84, C0, 75, 77, B8, AC, 88, 6A, 00, E8, 42, 94, D6, FF, 84, C0...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
2.7 MB (2,781,696 bytes)

Scan sddown.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.