home

xf_qb_1800.exe

旋风影音安装程序

Shanghai Digital Century Network Co.,Ltd.

Publisher:
www.xuanfeng.com  (signed by Shanghai Digital Century Network Co.,Ltd.)

Product:
旋风影音安装程序

Version:
2.8.0.0

MD5:
213a65beea8ba69239029b8272eefeaf

SHA-1:
ca75f25b7980eac9d3c0ff86e53d99b3ad0e452e

Scanner detections:
12 / 68

Status:
Clean  (12 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/19/2024 5:29:08 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
BDS/Rogue.4185600
8.3.1.6

Dr.Web
BackDoor.BlackHole.19740
9.0.1.09

ESET NOD32
Win32/FlyStudio.Packed.AD potentially unwanted (variant)
10.11285

Fortinet FortiGate
W32/OnLineGames.AJN!tr
1/9/2016

K7 AntiVirus
Trojan
13.200.15187

McAfee
Flyagent
5600.6525

Panda Antivirus
Trj/OCJ.F
16.01.09.06

Qihoo 360 Security
HEUR/Malware.QVM17.Gen
1.0.0.1015

Rising Antivirus
PE:Packer.Win32.Agent.g!1075137382
23.00.65.16107

Sophos
Mal/Generic-S
4.98

Trend Micro House Call
TROJ_GEN.F47V0103
7.2.9

VIPRE Antivirus
Trojan.Win32.Generic
38222

File size:
4 MB (4,193,304 bytes)

Product version:
2.8.0.0

Copyright:
www.xuanfeng.com 版权所有

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\xf_qb_1800.exe

Digital Signature
Signed by:
Shanghai Digital Century Network Co.,Ltd.

Authority:
VeriSign, Inc.

Valid from:
6/14/2013 8:00:00 AM

Valid to:
6/15/2014 7:59:59 AM

Subject:
CN="Shanghai Digital Century Network Co.,Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Shanghai Digital Century Network Co.,Ltd.", L=Shanghai, S=Shanghai, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7A9614A6E69B814BF05CB1C6A3F266EE

File PE Metadata
Compilation timestamp:
1/22/2014 6:14:29 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:PhH+96myJTZZ4437qAKK21t95ZfgOM/NsMaqa9HtXD9w:Px+96mWNZprqtRxLUibqa9HtXD9w

Entry address:
0x5AE20

Entry point:
B8, 8C, B7, C6, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 89, 52, E8, 06, DC, 0E, 6F, 6D, 99, 10, E1, 06, D3, 33, 5A, 87, A1, 88, EA, 53, B5, 73, 37, 32, EB, EC, E0, 92, AE, E9, CD, 27, 31, 5B, B0, 8C, AD, 58, 77, DA, B7, FD, 5B, 53, 4A, B7, 43, 88, E9, F1, B6, 0B, 00, D9, 07, 3B, 53, FC, D0, 42, 4D, 76, 97, 2C, 1C, 52, ED, EA, 25, E7, 7D, F2, 53, FD, 8C, 6A, 5C, DA, EB, 47, 3C, A4, 6E, 8F, D1, 19, 6C, 1B, 08, CB, 94, 51, 0F...
 
[+]

Entropy:
7.9971

Packer / compiler:
PECompact v2

Code size:
507 KB (519,168 bytes)

Scan xf_qb_1800.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.