vstlive.exe

VST直播

Alipay.com Corporation

The executable vstlive.exe has been detected as malware by 23 anti-virus scanners.
Publisher:
VST (signed by Alipay.com Corporation)

Product:
VST直播

Version:
1.0.0.1

MD5:
2b1db93ba3733cf7b33aa6713b72169d

SHA-1:
060f7cf2359e5088f60f6cf26a808911c405517b

SHA-256:
98b737e370c4d372029e11a1a5ec7e206a744d539eddaff0ba6027ced625891c

Scanner detections:
23 / 68

Status:
Malware

Analysis date:
5/2/2024 2:04:07 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Generic.11463896 | 11 |
| AegisLab AV Signature | Uds.Dangerousobject.Multi!c | 2.1.4+ |
| Agnitum Outpost | Trojan.VbCrypt | 7.1.1 |
| Avira AntiVirus | TR/Rogue.368440 | 8.3.3.2 |
| Arcabit | Trojan.Generic.DAEECD8 | 1.0.0.656 |
| Bitdefender | Trojan.Generic.11463896 | 1.0.20.120 |
| Comodo Security | Worm.Win32.Dropper.RA | 24365 |
| Dr.Web | Trojan.VbCrypt.250 | 9.0.1.024 |
| Emsisoft Anti-Malware | Trojan.Generic.11463896 | 8.17.01.24.09 |
| F-Secure | Trojan.Generic.11463896 | 11.2017-24-01_3 |
| G Data | Trojan.Generic.11463896 | 17.1.25 |
| IKARUS anti.virus | Trojan-Downloader.Win32.Cutwail | t3scan.2.0.8.0 |
| Kaspersky | UDS:DangerousObject.Multi.Generic | 14.0.0.-1062 |
| McAfee | Artemis!2B1DB93BA373 | 5600.6145 |
| MicroWorld eScan | Trojan.Generic.11463896 | 18.0.0.72 |
| NANO AntiVirus | Trojan.Win32.VbCrypt.drpzwo | 1.0.14.6204 |
| nProtect | Trojan.Generic.11463896 | 16.02.26.01 |
| Panda Antivirus | Trj/Chgt.D | 17.01.24.09 |
| Rising Antivirus | PE:Malware.Generic/QRS!1.9E2D [F] | 23.00.65.17122 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_SPNR.15A615 | 7.2.24 |
| Trend Micro | TROJ_SPNR.15A615 | 10.465.24 |
| VIPRE Antivirus | Trojan.Win32.Generic | 47530 |

File size:
359.8 KB (368,440 bytes)

Product version:
1.0.0.1

Copyright:
QQ243944493

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\vst眻畦璃唳\vstlive.exe

Digital Signature
Authority:
Alipay.com Corporation

Valid from:
11/6/2013 3:27:41 PM

Valid to:
11/6/2015 3:27:41 PM

Subject:
L=TPW, T=m-alipay, O=Alipay.com Corporation, OU=CA Center, CN=ea32f32d320356eebdf06fbed7cbe853

Issuer:
CN=Alipay.com Corporation Machine CA, OU=Machine CA Center, O=Alipay.com Corporation

Serial number:
5E702D11719D45B4843361B5D29639C0

File PE Metadata
Compilation timestamp:
7/1/2014 5:37:42 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x109001

Entry point:
60, E8, 03, 00, 00, 00, E9, EB, 04, 5D, 45, 55, C3, E8, 01, 00, 00, 00, EB, 5D, BB, ED, FF, FF, FF, 03, DD, 81, EB, 00, 90, 10, 00, 83, BD, 22, 04, 00, 00, 00, 89, 9D, 22, 04, 00, 00, 0F, 85, 65, 03, 00, 00, 8D, 85, 2E, 04, 00, 00, 50, FF, 95, 4D, 0F, 00, 00, 89, 85, 26, 04, 00, 00, 8B, F8, 8D, 5D, 5E, 53, 50, FF, 95, 49, 0F, 00, 00, 89, 85, 4D, 05, 00, 00, 8D, 5D, 6B, 53, 57, FF, 95, 49, 0F, 00, 00, 89, 85, 51, 05, 00, 00, 8D, 45, 77, FF, E0, 56, 69, 72, 74, 75, 61, 6C, 41, 6C, 6C, 6F, 63, 00, 56, 69, 72...
 

Entropy:
7.9690

Packer / compiler:
ASPack v2.12

Code size:
652 KB (667,648 bytes)
