home

Shell 3D Movie.exe

Shell 3D Movie

Shangrao Yuwang Technology Co., Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Shell 3D Movie’.
Publisher:
Microsoft  (signed by Shangrao Yuwang Technology Co., Ltd.)

Product:
Shell 3D Movie

Version:
2.00.0104

MD5:
e60aba94f20f6baa16b3dd25e2629770

SHA-1:
c8a091b6e582316ac58b034bf82b7123e2809a78

SHA-256:
c488351beac389cc9a1783d65a5e1e489017bc89487fe7e470bb188e19b04e37

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 3:26:06 AM UTC  (today)

File size:
479.8 KB (491,312 bytes)

Product version:
2.00.0104

Original file name:
Shell 3D Movie.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\shell 3d movie\shell 3d movie.exe

Digital Signature
Signed by:
Shangrao Yuwang Technology Co., Ltd.

Authority:
WoSign eCommerce Services Limited

Valid from:
3/20/2013 12:27:07 PM

Valid to:
3/22/2014 7:31:32 PM

Subject:
E=cq198@sina.com, CN="Shangrao Yuwang Technology Co., Ltd.", O="Shangrao Yuwang Technology Co., Ltd.", L=Shangrao, S=Jiangxi, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
22F387FECA36D7

File PE Metadata
Compilation timestamp:
4/24/2013 4:48:20 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x46A4

Entry point:
68, 14, 49, 40, 00, E8, F0, FF, FF, FF, 00, 00, 48, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 81, 0F, 39, 0B, A8, 7B, 98, 4D, AC, 25, 74, AE, 48, 0A, AA, C3, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 2D, 43, 30, 30, 30, 2D, 53, 68, 65, 6C, 6C, 33, 44, 4D, 6F, 76, 69, 65, 00, 23, 32, 2E, 00, 23, 30, 23, 43, 3A, 5C, 57, B8, 00, 00, 00, 90, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 08, 00, 00, 00, B8, 50, FE, D6, ED, 8A, 64, 48, A8, F1, B7, B7, 7E, 22, 37, CF, 01, 00, 00, 00, 98, 00, 00, 00...
 
[+]

Entropy:
6.2076

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
440 KB (450,560 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Shell 3D Movie

Command:
C:\Program Files\shell 3d movie\shell 3d movie.exe


Scan Shell 3D Movie.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.