home

Shell 3D Movie.exe

Shell 3D Movie

Shangrao Yuwang Technology Co., Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Shell 3D Movie’.
Publisher:
Microsoft  (signed by Shangrao Yuwang Technology Co., Ltd.)

Product:
Shell 3D Movie

Version:
2.00.0106

MD5:
83ab0efe3023043d8fa52436dbbe8a16

SHA-1:
c98db75e8a90716ff198e929c9a9fa9584ba5957

SHA-256:
280f3040f41b7f5d5f6a23ee1b85fe6c70dae12abaa59fa20ff3636e5428dc85

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 8:08:08 AM UTC  (today)

File size:
471.8 KB (483,120 bytes)

Product version:
2.00.0106

Original file name:
Shell 3D Movie.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\shell 3d movie\shell 3d movie.exe

Digital Signature
Signed by:
Shangrao Yuwang Technology Co., Ltd.

Authority:
WoSign eCommerce Services Limited

Valid from:
3/20/2013 11:27:07 AM

Valid to:
3/22/2014 6:31:32 PM

Subject:
E=cq198@sina.com, CN="Shangrao Yuwang Technology Co., Ltd.", O="Shangrao Yuwang Technology Co., Ltd.", L=Shangrao, S=Jiangxi, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
22F387FECA36D7

File PE Metadata
Compilation timestamp:
5/3/2013 3:24:20 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x4650

Entry point:
68, C0, 48, 40, 00, E8, EE, FF, FF, FF, 00, 00, 48, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 52, E1, 74, 76, 81, BC, 9A, 41, AB, 25, 8A, 4E, 1B, 67, ED, A5, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 53, 68, 65, 6C, 6C, 33, 44, 4D, 6F, 76, 69, 65, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, B8, 00, 00, 00, 90, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 08, 00, 00, 00, AF, 72, E0, 0F, ED, CA, 57, 4F, 86, 61, 5B, F2, 30, A1, 51, 84, 01, 00, 00, 00, 98, 00, 00, 00...
 
[+]

Entropy:
6.2269

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
432 KB (442,368 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Shell 3D Movie

Command:
C:\Program Files\shell 3d movie\shell 3d movie.exe


Scan Shell 3D Movie.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.