home

windows雄党葩苤馱撿.exe

RepairDrv 应用程序

Shenzhen Mingwah Aohan Digital Security Technology Co.,Ltd.

Publisher:
Mingwah Technologies Co., Ltd  (signed by Shenzhen Mingwah Aohan Digital Security Technology Co.,Ltd.)

Product:
RepairDrv 应用程序

Description:
UKey Repair Driver

Version:
1, 0, 1, 0

MD5:
a3f8601d8c9b549f49eead4af3d2a41d

SHA-1:
e65cca690299d81910f239ed29bc5a19c977cff0

SHA-256:
0586292e2691a51a394d4a29d0f30fa74aef964e7f062c1fc296b8341b126141

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/20/2024 3:24:27 AM UTC  (today)

File size:
884.5 KB (905,704 bytes)

Product version:
1, 0, 1, 0

Copyright:
Copyright (c) 2007 - 2010

Original file name:
RepairDrv.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\windows雄党葩苤馱撿.exe

Digital Signature
Signed by:
Shenzhen Mingwah Aohan Digital Security Technology Co.,Ltd.

Authority:
VeriSign, Inc.

Valid from:
9/29/2010 8:00:00 AM

Valid to:
11/29/2011 7:59:59 AM

Subject:
CN="Shenzhen Mingwah Aohan Digital Security Technology Co.,Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Shenzhen Mingwah Aohan Digital Security Technology Co.,Ltd.", L=shenzhen, S=guangdong, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
48101CC00E245F5758C9A03FC1202842

File PE Metadata
Compilation timestamp:
6/8/2011 8:10:27 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:D9qTegxAmn/ULmF42b9vi4rB1NvjTs7RR3pgdCnSe/A8A3gFQWgcyZXiTsRj+I7I:NVaFHpvpJTs7L3gCnSeI7gW1dZXiA1I

Entry address:
0x337001

Entry point:
60, E8, 03, 00, 00, 00, E9, EB, 04, 5D, 45, 55, C3, E8, 01, 00, 00, 00, EB, 5D, BB, ED, FF, FF, FF, 03, DD, 81, EB, 00, 70, 33, 00, 83, BD, 88, 04, 00, 00, 00, 89, 9D, 88, 04, 00, 00, 0F, 85, CB, 03, 00, 00, 8D, 85, 94, 04, 00, 00, 50, FF, 95, A9, 0F, 00, 00, 89, 85, 8C, 04, 00, 00, 8B, F0, 8D, 7D, 51, 57, 56, FF, 95, A5, 0F, 00, 00, AB, B0, 00, AE, 75, FD, 38, 07, 75, EE, 8D, 45, 7A, FF, E0, 56, 69, 72, 74, 75, 61, 6C, 41, 6C, 6C, 6F, 63, 00, 56, 69, 72, 74, 75, 61, 6C, 46, 72, 65, 65, 00, 56, 69, 72, 74...
 
[+]

Entropy:
7.9543

Packer / compiler:
ASPack v2.12

Code size:
12 KB (12,288 bytes)

Scan windows雄党葩苤馱撿.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.