home

ShouQuGdi.dll

ShouQuGdi

Zhenjiang ChangYou Network Technology Co., Ltd.

Publisher:
Microsoft  (signed by Zhenjiang ChangYou Network Technology Co., Ltd.)

Product:
ShouQuGdi

Version:
1.00

MD5:
b12b9ae916298a537589d7f0212b5c39

SHA-1:
83526f2a73d0cbab6cb6da94db551a4a679a3f2f

SHA-256:
4972dba0ee368def43fb7b0081aaba05cfd19aac166892049eeb9fd068be2f1c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 1:09:56 PM UTC  (today)

File size:
162.4 KB (166,264 bytes)

Product version:
1.00

Original file name:
ShouQuGdi.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Chinese (Simplified, China)

Common path:
C:\Program Files\shouqu\201407192345\shouqugdi.dll

Digital Signature
Signed by:
Zhenjiang ChangYou Network Technology Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
3/6/2014 7:00:00 PM

Valid to:
3/7/2015 6:59:59 PM

Subject:
CN="Zhenjiang ChangYou Network Technology Co., Ltd.", OU=技术部, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Zhenjiang ChangYou Network Technology Co., Ltd.", L=Zhenjiang, S=Jiangsu, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5E647F3525E873BEEE27CE28AD420537

Registration
CLSID:
{E5365947-A172-4C35-A4FA-C5AB8559DF3F}

ProgID:
ShouQuGdi.crNewBtn

COM registered:
Yes

File PE Metadata
Compilation timestamp:
4/8/2014 9:39:01 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:1bnxdXDc4xAksc/yWeNYwgUP0ZtPmjShARvnKf1kV7mc+UzpGPFQvOtSDbKnhc6b:lxdXon1nvnJ71EivusKnhc6V9

Entry address:
0x13D8

Entry point:
5A, 68, FC, 77, 01, 11, 68, 00, 78, 01, 11, 52, E9, E9, FF, FF, FF, 00, 00, 00, 58, 00, 00, 00, 30, 00, 00, 00, 50, 00, 00, 00, 40, 00, 00, 00, DC, 3F, 74, C4, 7A, 04, 29, 4E, 81, DE, 40, AF, E4, 52, D1, 46, 00, 00, 00, 00, 02, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 53, 68, 6F, 75, 51, 75, 47, 64, 69, 00, 00, 00, 00, 00, 00, 00, 53, 68, 6F, 75, 51, 75, 47, 64, 69, 20, 46, 69, 6C, 65, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, A0, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 01, 00, 00, 00...
 
[+]

Entropy:
6.4638

Developed / compiled with:
Microsoft Visual Basic v6.0

Code size:
80 KB (81,920 bytes)

Scan ShouQuGdi.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.