traydownloader.exe

Tray downloader

Taiwan Shui Mu Chih Ching Technology Limited

The application traydownloader.exe, “downloader component” by Taiwan Shui Mu Chih Ching Technology Limited, has been detected as adware by 14 anti-malware scanners.
Publisher:
Taiwan Shui Mu Chih Ching Technology Limited.  (signed by Taiwan Shui Mu Chih Ching Technology Limited)

Product:
Tray downloader

Description:
downloader component

Version:
1.4.17.7189

MD5:
82060adefe3af9aa08e07a5d3ee19e89

SHA-1:
4bc06907b8768f9bf76f00e04041b33e9d93be22

SHA-256:
4228ae626eae3941246f2b103d47b49bea9d9a460aaa408c8f7920c2215ced23

Scanner detections:
14 / 68

Status:
Adware

Analysis date:
4/25/2024 7:53:32 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| AhnLab V3 Security | Win32/Kashu.E | 2014.08.29 |
| avast! | Win32:Sality | 2014.9-160204 |
| AVG | Taishumu | 2017.0.2844 |
| Dr.Web | Adware.Mutabaha.50 | 9.0.1.035 |
| IKARUS anti.virus | not-a-virus:AdWare.Win32.D365 | t3scan.2.2.29 |
| K7 AntiVirus | Virus | 13.183.13198 |
| Microsoft Security Essentials | Threat.Undefined | 1.183.771.0 |
| Norman | Sality.ZHB | 11.20160204 |
| Qihoo 360 Security | Malware.QVM19.Gen | 1.0.0.1015 |
| Reason Heuristics | PUP.Thinknice.TaiwanShuiMuChihChingTechnology (M) | 16.2.4.7 |
| Trend Micro House Call | TROJ_GEN.F47V1021 | 7.2.35 |
| Trend Micro | PE_SALITY.ER | 10.465.04 |
| Vba32 AntiVirus | AdWare.D365 | 3.12.24.3 |
| VIPRE Antivirus | Threat.4758034 | 32210 |

File size:
148.2 KB (151,720 bytes)

Product version:
1.4.17.7189

Copyright:
Copyright (C) 2012

Original file name:
TrayDown.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese

Common path:
C:\Program Files\omiga plus\traydownloader.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
3/13/2013 4:15:13 AM

Valid to:
3/14/2014 4:15:13 AM

Subject:
CN=Taiwan Shui Mu Chih Ching Technology Limited, O=Taiwan Shui Mu Chih Ching Technology Limited, L=新北, S=台湾, C=TW

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121243D90C81CD8FEC70E99813154FB6459

File PE Metadata
Compilation timestamp:
5/17/2013 10:01:37 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:WcZFP0GjhBUg7Mmyu7FwtN2OTQXOqQFN68jLmv3:WcZFP0GjhBUg7MmyntN2OoOFFN6H

Entry address:
0xB536

Entry point:
E8, 08, 06, 00, 00, E9, 6B, FD, FF, FF, FF, 25, 50, D1, 40, 00, FF, 25, 58, D1, 40, 00, CC, CC, CC, CC, 53, 56, 8B, 44, 24, 18, 0B, C0, 75, 18, 8B, 4C, 24, 14, 8B, 44, 24, 10, 33, D2, F7, F1, 8B, D8, 8B, 44, 24, 0C, F7, F1, 8B, D3, EB, 41, 8B, C8, 8B, 5C, 24, 14, 8B, 54, 24, 10, 8B, 44, 24, 0C, D1, E9, D1, DB, D1, EA, D1, D8, 0B, C9, 75, F4, F7, F3, 8B, F0, F7, 64, 24, 18, 8B, C8, 8B, 44, 24, 14, F7, E6, 03, D1, 72, 0E, 3B, 54, 24, 10, 77, 08, 72, 07, 3B, 44, 24, 0C, 76, 01, 4E, 33, D2, 8B, C6, 5E, 5B, C2...
Code size:
46 KB (47,104 bytes)
