home

新注音解碼器.exe

Version:
1.0.90.00

MD5:
155586204139ed38d940a3e097a60970

SHA-1:
79f9f6479c21714ac4ade0d7df3a322cc3a43f6a

SHA-256:
f44aae238797ac7c2814acde3f4d69df4b322cb80cc93927943a09187dd9e73d

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/8/2024 6:31:39 AM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
Virus.Win32.Cryptor
t3scan.2.0.0.0

McAfee
Artemis!CBAD5A099FEA
5600.6801

Trend Micro House Call
TROJ_GEN.F47V0508
7.2.193

Vba32 AntiVirus
TrojanPSW.OnLineGames.xk
3.12.22.0

File size:
781.4 KB (800,146 bytes)

Product version:
1.0.90.00

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\???????\??????.exe

File PE Metadata
Compilation timestamp:
11/27/2010 5:43:05 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:drMUsWbuucAT6qaNtAKvkuEgS7+0nPhV+/QwKuzUeYcMVKZTiBF1gH3:drjyuPT6JtAHXgE+UI/K8YcyKZTg1gH3

Entry address:
0x85703

Entry point:
E8, 96, 9E, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 0C, 53, 57, 8B, 7D, 08, 33, DB, 3B, FB, 75, 18, E8, 0D, 1F, 00, 00, C7, 00, 16, 00, 00, 00, E8, B0, 1E, 00, 00, 83, C8, FF, E9, 65, 01, 00, 00, 56, 57, E8, F4, 96, 00, 00, 8B, F0, 59, 89, 75, F8, 39, 5F, 04, 7D, 03, 89, 5F, 04, 6A, 01, 53, 56, E8, 58, 9F, 00, 00, 83, C4, 0C, 89, 45, FC, 3B, C3, 0F, 8C, FB, 00, 00, 00, 8B, 57, 0C, F7, C2, 08, 01, 00, 00, 75, 08, 2B, 47, 04, E9, 25, 01, 00, 00, 8B, 07, 8B, 4F, 08, 8B, D8, 2B, D9, 89, 5D, F4...
 
[+]

Entropy:
6.5073

Code size:
605 KB (619,520 bytes)

Scan 新注音解碼器.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.