home

TangoWeb.exe

糖果浏览器

Beijing Tangguo Network Technique Co.,Ltd.

Publisher:
北京糖果网络技术有限公司  (signed by Beijing Tangguo Network Technique Co.,Ltd.)

Product:
糖果浏览器

Version:
3.0.0.1

MD5:
f50f2da11f15746db497175e47ecd28f

SHA-1:
2cf294849a9a793574e066e5fb11a70c33f55681

SHA-256:
3b059b3bb62e5f3a9afe88f762b62ae733c63c0762628d1bf80810cc2f4ad73f

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/20/2024 2:07:05 PM UTC  (today)

Scan engine
Detection
Engine version

Vba32 AntiVirus
suspected of Trojan.Perflog.11
3.12.22.1

File size:
1.6 MB (1,648,248 bytes)

Product version:
3.0.0.1

Trademarks:
糖果浏览器

Original file name:
TangoWeb.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\yxgjds\bin\tangoweb.exe

Digital Signature
Signed by:
Beijing Tangguo Network Technique Co.,Ltd.

Authority:
Thawte, Inc.

Valid from:
12/4/2012 7:00:00 PM

Valid to:
1/4/2015 6:59:59 PM

Subject:
CN="Beijing Tangguo Network Technique Co.,Ltd.", OU=Software Department, O="Beijing Tangguo Network Technique Co.,Ltd.", L=Beijing, S=Beijing, C=CN

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
3DDAA772585D1E66A18B8BE6036CE765

File PE Metadata
Compilation timestamp:
4/27/2013 10:50:14 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:E5q5uzWT8DAaTHUExWpL/qbprh+GfdlIjPpor/DQGNMEz0:E5+uFhmor/s

Entry address:
0x2E015

Entry point:
E8, 8F, 7E, 00, 00, E9, 17, FE, FF, FF, 3B, 0D, 34, B5, 4C, 00, 75, 02, F3, C3, E9, 0F, 7F, 00, 00, 51, 53, 55, 56, 57, FF, 35, A8, 89, 4D, 00, E8, 52, 78, 00, 00, FF, 35, A4, 89, 4D, 00, 8B, F0, 89, 74, 24, 18, E8, 41, 78, 00, 00, 8B, F8, 3B, FE, 59, 59, 72, 7C, 8B, DF, 2B, DE, 8D, 6B, 04, 83, FD, 04, 72, 70, 56, E8, B9, 6A, 00, 00, 8B, F0, 3B, F5, 59, 73, 4A, B8, 00, 08, 00, 00, 3B, F0, 73, 02, 8B, C6, 03, C6, 3B, C6, 72, 10, 50, FF, 74, 24, 14, E8, 3E, 80, 00, 00, 85, C0, 59, 59, 75, 17, 8D, 46, 10, 3B...
 
[+]

Entropy:
6.3834

Code size:
628 KB (643,072 bytes)

Scan TangoWeb.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.