home

xm.exe

Wellbia.com Co., Ltd.

Publisher:
Wellbia.com Co., Ltd.  (signed and verified)

MD5:
a6da5b74cb3194623dafd73eba401cff

SHA-1:
f52a57d6b75b34bdda68d721ea93fb3214c4c36d

SHA-256:
fe7b92bcad6ebba8cc0b04d70339860f23222b2284ffe955a312c9e3d94b10cc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 10:13:08 PM UTC  (today)

File size:
256 KB (262,152 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\dragonfly\special force\xigncode\xm.exe

Digital Signature
Signed by:
Wellbia.com Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
12/19/2012 7:00:00 AM

Valid to:
2/21/2014 6:59:59 AM

Subject:
CN="Wellbia.com Co., Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Wellbia.com Co., Ltd.", L=Guro-Gu, S=Seoul, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
641E26C23FA180796B3E000F8D29CF7C

File PE Metadata
Compilation timestamp:
7/23/2013 9:27:50 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:e5JwFPXH2tDLdzvGSmo65ZKdt1yzi9kH7yW/NyZphYZM1qqwHwR1wQwkwFwIwlw3:eTwFPILdKSmhi6B4ZphYZM1qWZa

Entry address:
0x51AB

Entry point:
E8, F9, 97, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 56, 8B, 75, 0C, 56, E8, 89, A4, 00, 00, 89, 45, 0C, 8B, 46, 0C, 59, A8, 82, 75, 17, E8, AA, 0F, 00, 00, C7, 00, 09, 00, 00, 00, 83, 4E, 0C, 20, 83, C8, FF, E9, 2F, 01, 00, 00, A8, 40, 74, 0D, E8, 8F, 0F, 00, 00, C7, 00, 22, 00, 00, 00, EB, E3, 53, 33, DB, A8, 01, 74, 16, 89, 5E, 04, A8, 10, 0F, 84, 87, 00, 00, 00, 8B, 4E, 08, 83, E0, FE, 89, 0E, 89, 46, 0C, 8B, 46, 0C, 83, E0, EF, 83, C8, 02, 89, 46, 0C, 89, 5E, 04, 89, 5D, FC, A9, 0C, 01, 00...
 
[+]

Entropy:
7.2833

Code size:
75 KB (76,800 bytes)

Scan xm.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.