home

SystemClean.dll

木馬清除大師組件

Beijing Wen Ming Tian Xia Technologies Co., Ltd

Publisher:
Lofocus(洛克思)安全實驗室  (signed by Beijing Wen Ming Tian Xia Technologies Co., Ltd)

Product:
木馬清除大師組件

Version:
2, 0, 0, 1

MD5:
0dab8368919ce3ba27b968d0ff6af885

SHA-1:
46137dda82534b5acf9bd440d43f81c84d3604f4

SHA-256:
43c540607cb2b4dd63914cb209104d240b567d31346bdcc824cc162efb1b6582

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 10:10:36 PM UTC  (today)

File size:
102.9 KB (105,352 bytes)

Product version:
2, 0, 0, 1

Copyright:
Copyright (C) 2005-2013 Lofocus(洛克思)安全實驗室

Original file name:
SystemClean.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\beattrojansecuritysuite2012\beattrojan2012\systemclean.dll

Digital Signature
Signed by:
Beijing Wen Ming Tian Xia Technologies Co., Ltd

Authority:
WoSign eCommerce Services Limited

Valid from:
6/27/2012 9:21:12 PM

Valid to:
7/1/2014 8:20:07 AM

Subject:
E=webmaster@lofocus.com, CN="Beijing Wen Ming Tian Xia Technologies Co., Ltd", O="Beijing Wen Ming Tian Xia Technologies Co., Ltd", L=Beijing, S=Beijing, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
0EC83A8455BEE7

File PE Metadata
Compilation timestamp:
6/9/2012 11:39:37 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
1536:9r9qVKJgpr2ycNYeNAG3pHtHMOh0SnVF+T+BH2TwB:PqxrFR2A2nHzh5b+SBH2T

Entry address:
0x8B45

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, CC, 50, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, ED, FE, FF, FF, 59, C2, 0C, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00...
 
[+]

Entropy:
6.1857

Code size:
60 KB (61,440 bytes)

Scan SystemClean.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.