home

ShouQu.exe

首趣

Zhenjiang ChangYou Network Technology Co., Ltd.

Publisher:
Microsoft  (signed by Zhenjiang ChangYou Network Technology Co., Ltd.)

Product:
首趣

Version:
1.00.0004

MD5:
6224a7308c3037a46753b76127ec7e49

SHA-1:
1b321583741c8a47f04ad04f0da0d2bec9510dd8

SHA-256:
5641d52f42b62890dfa203d4b2c945f76dc879675ad73d36bccb991bd480f9d3

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/26/2024 5:51:45 PM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Adware.ShouQu.4
9.0.1.05190

ESET NOD32
Win32/RiskWare.ShouQu.A application
6.3.12010.0

File size:
390.4 KB (399,736 bytes)

Product version:
1.00.0004

Original file name:
ShouQu.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
Zhenjiang ChangYou Network Technology Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
3/7/2014 8:00:00 AM

Valid to:
3/8/2015 7:59:59 AM

Subject:
CN="Zhenjiang ChangYou Network Technology Co., Ltd.", OU=技术部, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Zhenjiang ChangYou Network Technology Co., Ltd.", L=Zhenjiang, S=Jiangsu, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5E647F3525E873BEEE27CE28AD420537

File PE Metadata
Compilation timestamp:
3/25/2014 11:51:14 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:LZ9oGigo1Eu5t/rFiDbf5NhVX+6T8QG4WDdvdZPi0dlusKnhHqLfIj:XJ6E0/k5NhVX+Q8z4WZd1usKhKzIj

Entry address:
0x28A8

Entry point:
68, A4, 2B, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 38, 00, 00, 00, 00, 00, 00, 00, A3, ED, F1, 20, D9, 1A, E5, 41, 88, EC, B8, BA, 15, 58, C9, 88, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 53, 68, 6F, 75, 51, 75, 00, 00, 00, 00, 00, 00, 01, 00, 11, 00, 8C, 77, 40, 00, 00, 00, 00, 00, FF, FF, FF, FF, FF, FF, FF, FF, 00, 00, 00, 00, 10, 7B, 40, 00, DC, 74, 44, 00, 00, 00, 00, 00, 60, 34, 36, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 28, 29, 40, 00...
 
[+]

Entropy:
6.4561

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
280 KB (286,720 bytes)

Scan ShouQu.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.