home

tklobby.exe

JJ比赛大厅

JJ World(Beijing) Network Technology Co., LTD

Publisher:
竞技世界(北京)网络技术有限公司  (signed by JJ World(Beijing) Network Technology Co., LTD)

Product:
JJ比赛大厅

Version:
0.6.2.19

MD5:
ad49731799fbaf466906f100f7d7991e

SHA-1:
3ed62d4c5ca4b1928b678619b966ddc4d4b7147f

SHA-256:
f8694c4d0e80144eda1ac0c76ca6671bff9d0b7d23dd941c4bfbb5b791476107

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/26/2024 9:43:58 PM UTC  (today)

Scan engine
Detection
Engine version

Quick Heal
(Suspicious) - DNAScan
12.15.11.00

File size:
621.7 KB (636,624 bytes)

Product version:
0.6.2.19

Copyright:
竞技世界(北京)网络技术有限公司 版权所有 (C) 2007-2011

Original file name:
JJ比赛大厅

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\jj񊊁\tklobby.exe

Digital Signature
Signed by:
JJ World(Beijing) Network Technology Co., LTD

Authority:
VeriSign, Inc.

Valid from:
8/24/2010 8:00:00 PM

Valid to:
8/24/2013 7:59:59 PM

Subject:
CN="JJ World(Beijing) Network Technology Co., LTD", OU=System Department, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="JJ World(Beijing) Network Technology Co., LTD", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
05B3A09BD8DE808F6AE64764EB938059

File PE Metadata
Compilation timestamp:
9/13/2011 4:47:26 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
12288:kqwxfbiPi5DPUs0IWwdpo7MrpCE/Raa22DRaUHueu6uKnar2:5AVDPlTWw3o7Mr1sa2u4UHgOar2

Entry address:
0xC3112

Entry point:
60, E8, FC, 71, 02, 00, 60, 60, E8, 46, D4, FF, FF, 60, 46, 60, 88, 2C, 24, 47, 88, 74, 24, 08, 9C, 8D, 64, 24, 44, E9, DE, B0, 02, 00, 94, 24, E0, D4, 8D, 04, 18, 04, B8, 10, AE, 7E, 98, EB, 77, C3, 29, 46, 98, 96, 1D, AC, A0, E4, 82, 62, 67, B0, 36, C4, 86, 0F, 05, 7C, CD, 80, 4B, 5D, 3C, 6A, 12, 13, 10, 28, 32, B5, 37, AA, 5C, C5, F8, 1C, 31, A5, 40, 48, 4B, F4, E6, C1, 71, 5D, D7, 0F, 65, 65, 12, 0B, F6, D4, 60, 3F, F3, 4E, DE, 16, 8E, 56, EC, 68, 92, A1, 44, 6A, 18, EC, 6E, 64, 7C, 00, 97, F8, 91, 1A...
 
[+]

Entropy:
7.8581

Packer / compiler:
ASPack v1.08.04

Code size:
196 KB (200,704 bytes)

Scan tklobby.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.