home

win7feature.exe

BEIJING QIYI CENTURY SCIENCE&TECHNOLOGY CO.,LTD.

Publisher:
BEIJING QIYI CENTURY SCIENCE&TECHNOLOGY CO.,LTD.  (signed and verified)

MD5:
e3058832af4cd7f2a07aee7bf7901c77

SHA-1:
bfd05ab470f578d3b005939bd3e95393ec4e84eb

SHA-256:
43a805ac72d4074f6ff1b161e843a9f96c9ca85c4a82e640e916b61619a7dd19

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 11:18:41 AM UTC  (today)

File size:
18.9 KB (19,400 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\qiyi\win7feature.exe

Digital Signature
Signed by:
BEIJING QIYI CENTURY SCIENCE&TECHNOLOGY CO.,LTD.

Authority:
VeriSign, Inc.

Valid from:
12/28/2010 8:00:00 AM

Valid to:
12/28/2013 7:59:59 AM

Subject:
CN="BEIJING QIYI CENTURY SCIENCE&TECHNOLOGY CO.,LTD.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="BEIJING QIYI CENTURY SCIENCE&TECHNOLOGY CO.,LTD.", L=beijing, S=beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
538E4B92BDF74EF5BC1D025B2D4F22C6

File PE Metadata
Compilation timestamp:
11/30/2011 11:08:45 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
384:3dbgFnlu+nr2+3/HwPV5p1OfYJLNIbDeMgbE6K:3dbO8+nr9PQdDL/bi

Entry address:
0x20B6

Entry point:
E8, D8, 03, 00, 00, E9, 6B, FD, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 48, 41, 40, 00, 89, 0D, 44, 41, 40, 00, 89, 15, 40, 41, 40, 00, 89, 1D, 3C, 41, 40, 00, 89, 35, 38, 41, 40, 00, 89, 3D, 34, 41, 40, 00, 66, 8C, 15, 60, 41, 40, 00, 66, 8C, 0D, 54, 41, 40, 00, 66, 8C, 1D, 30, 41, 40, 00, 66, 8C, 05, 2C, 41, 40, 00, 66, 8C, 25, 28, 41, 40, 00, 66, 8C, 2D, 24, 41, 40, 00, 9C, 8F, 05, 58, 41, 40, 00, 8B, 45, 00, A3, 4C, 41, 40, 00, 8B, 45, 04, A3, 50, 41, 40, 00, 8D, 45, 08, A3, 5C, 41, 40...
 
[+]

Entropy:
6.3545

Code size:
5.5 KB (5,632 bytes)

Scan win7feature.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.