home

ShouQuConf.dll

ShouQuConf

Zhenjiang ChangYou Network Technology Co., Ltd.

Publisher:
Microsoft  (signed by Zhenjiang ChangYou Network Technology Co., Ltd.)

Product:
ShouQuConf

Version:
1.00

MD5:
187afe8f0cba7421baf7b743d7638e7d

SHA-1:
4528f781b7bb5344fd02650b7bbdac4464e9b836

SHA-256:
4890b6c9a94ffc0c702f5650bba24d94f67578a6a08e452d63dac347d6bd8257

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
5/4/2024 3:23:13 PM UTC  (today)

Scan engine
Detection
Engine version

AVG
Generic
2016.0.2989

Dr.Web
Adware.ShouQu.4
9.0.1.05190

File size:
34.4 KB (35,192 bytes)

Product version:
1.00

Original file name:
ShouQuConf.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Chinese (Simplified, China)

Common path:
C:\Program Files\shouqu\201407192345\shouquconf.dll

Digital Signature
Signed by:
Zhenjiang ChangYou Network Technology Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
3/6/2014 7:00:00 PM

Valid to:
3/7/2015 6:59:59 PM

Subject:
CN="Zhenjiang ChangYou Network Technology Co., Ltd.", OU=技术部, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Zhenjiang ChangYou Network Technology Co., Ltd.", L=Zhenjiang, S=Jiangsu, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5E647F3525E873BEEE27CE28AD420537

Registration
CLSID:
{84922A21-19EA-4DF1-B91E-C4D1443298FC}

ProgID:
ShouQuConf.cIniFile

COM registered:
Yes

File PE Metadata
Compilation timestamp:
3/31/2014 3:21:42 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
384:oCn1WrlSkBGsyfkDs3gmdyKWsWl1BnYPLDmreMFbWR:D1klSkWWs5KzXV6

Entry address:
0x1308

Entry point:
5A, 68, 50, 43, 00, 11, 68, 54, 43, 00, 11, 52, E9, E7, FF, FF, FF, 00, 00, 00, 58, 00, 00, 00, 30, 00, 00, 00, 50, 00, 00, 00, 40, 00, 00, 00, 65, 31, 7D, 4C, EC, F2, 9B, 4E, A1, 90, E8, AD, FC, 25, 41, A1, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 53, 68, 6F, 75, 51, 75, 43, 6F, 6E, 66, 00, 00, 00, 00, 00, 00, 53, 68, 6F, 75, 51, 75, 43, 6F, 6E, 66, 20, 46, 69, 6C, 65, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, A0, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
4.4974

Developed / compiled with:
Microsoft Visual Basic v6.0

Code size:
12 KB (12,288 bytes)

Automation Object
CLSID:
{84922A21-19EA-4DF1-B91E-C4D1443298FC}

CLSID name:
ShouQuConf.cIniFile


Scan ShouQuConf.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.