» zhengtu_mini.dat
Overview
Analysis
File Details

zhengtu_mini.dat

《征途》客户端

ShangHai YouAn Network Technology Co., Ltd.

File name:

zhengtu_mini.dat

Publisher:

上海征途网络科技有限公司 (signed by ShangHai YouAn Network Technology Co., Ltd.)

Product:

《征途》客户端

Version:

1, 0, 0, 3711

MD5:

e6ccf15c6826376f07fa296d30ed81d2

SHA-1:

fe5d957c80f380c7c496d170ef274e8d91b539b8

SHA-256:

6c662aa5ba864eb64dc694e7eda98f4033b9ebc825b4824bbee89ed337eb6380

Scanner detections:

3 / 68

Status:

Clean (3 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/23/2024 4:43:45 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Crypt.XPACK.Gen3

7.11.30.172

Bkav FE

W32.HfsIemusi

1.3.0.7383

VIPRE Antivirus

Trojan.Win32.Generic.pak!cobra

45760

File size:

8.6 KB (8,784 bytes)

Product version:

1, 0, 0, 0

Original file name:

Client.exe

Language:

Chinese (Simplified, PRC)

Common path:

C:\users\{user}\downloads\tanchinhdo 2.5\tanchinhdo 2.5\data\zhengtu_mini.dat

Digital Signature

Signed by:

ShangHai YouAn Network Technology Co., Ltd.

Authority:

WoSign eCommerce Services Limited

Valid from:

8/8/2011 12:59:50 PM

Valid to:

8/11/2014 7:08:05 AM

Subject:

E=hprotect@gmail.com, CN="ShangHai YouAn Network Technology Co., Ltd.", O="ShangHai YouAn Network Technology Co., Ltd.", L=Shanghai, S=Shanghai, C=CN

Issuer:

CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:

16560511BE2267

File PE Metadata

Compilation timestamp:

8/1/2011 4:44:06 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

96:FJeOMj57viq4WEUC3etF+xE3PuipxNBUZfp9i22nkjoqrbMGmAXOXMl84i/j:FMOMjp6tWW3sFQEzZOTi2xHTmJXV4yj

Entry address:

0x1010

Entry point:

FF, 15, 00, 10, 40, 00, 33, C0, C3, CC, CC, CC, 44, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 58, 10, 00, 00, 00, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 4C, 10, 00, 00, 00, 00, 00, 00, 00, 00, 48, 50, 4C, 6F, 61, 64, 65, 72, 00, 00, 48, 50, 4C, 6F, 61, 64, 65, 72, 2E, 64, 6C, 6C, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

5.8554

Code size:

512 Bytes (512 bytes)

Scan zhengtu_mini.dat - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.