home

xiaomaupdatecomregistershell64.exe

成都海宇通电气自动化工程有限公司

Publisher:
成都海宇通电气自动化工程有限公司  (signed and verified)

MD5:
261e973c7e1c7ca7a50b07387c10710f

SHA-1:
93304f5812d6791e2a6ac9f1d1c9826d29d17ed9

SHA-256:
af70b8ff8115f51a45d86ebd7a9af7093bfda7c8d211b2e67291d08cb425135e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/15/2026 1:27:58 AM UTC  (today)

File size:
172 KB (176,152 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\xiaomaupdatecomregistershell64.exe

Digital Signature
Signed by:
成都海宇通电气自动化工程有限公司

Authority:
WoSign CA Limited

Valid from:
5/6/2016 11:22:47 AM

Valid to:
6/6/2018 11:22:47 AM

Subject:
CN=成都海宇通电气自动化工程有限公司, O=成都海宇通电气自动化工程有限公司, L=成都市, S=四川省, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
4A10735F7BFEF63431117117B6A8D6E9

File PE Metadata
Compilation timestamp:
2/16/2017 8:02:59 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
14.0

Entry address:
0x60F8

Entry point:
48, 83, EC, 28, E8, DB, 05, 00, 00, 48, 83, C4, 28, E9, 82, FE, FF, FF, CC, CC, E9, 03, 4A, 00, 00, CC, CC, CC, E9, F3, FF, FF, FF, CC, CC, CC, 48, 83, EC, 28, E8, 57, 0B, 00, 00, 85, C0, 74, 21, 65, 48, 8B, 04, 25, 30, 00, 00, 00, 48, 8B, 48, 08, EB, 05, 48, 3B, C8, 74, 14, 33, C0, F0, 48, 0F, B1, 0D, 08, 1D, 02, 00, 75, EE, 32, C0, 48, 83, C4, 28, C3, B0, 01, EB, F7, CC, CC, CC, 40, 53, 48, 83, EC, 20, 0F, B6, 05, 23, 1D, 02, 00, 85, C9, BB, 01, 00, 00, 00, 0F, 44, C3, 88, 05, 13, 1D, 02, 00, E8, 3A, 09...
 
[+]

Entropy:
6.2550

Code size:
82 KB (83,968 bytes)

Scan xiaomaupdatecomregistershell64.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.