home

流量版.exe

流量宝流量版

Hangzhou Yunbao Network&Technology Co.,Ltd

Publisher:
Hangzhou Yunbao Network&Technology Co.,Ltd  (signed and verified)

Product:
流量宝流量版

Version:
2,2,190,1

MD5:
13dd56cb37935ab54c98c290238f5878

SHA-1:
d47dc36c075c67cdbf14860015d4461452c225e2

SHA-256:
7ca66b0f39860da4607635b9fc6869f45818e5a4b98d19cb1b61e99b8d995c73

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/25/2024 7:37:16 PM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
Win32/Trojan.Adware.37e
1.0.0.1015

File size:
1023.5 KB (1,048,088 bytes)

Product version:
2,2,190,1

Copyright:
版权所有 (C) Hangzhou Yunbao Network&Technology Co.,Ltd 2011

Original file name:
liuliangbao.EXE

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Digital Signature
Signed by:
Hangzhou Yunbao Network&Technology Co.,Ltd

Authority:
VeriSign, Inc.

Valid from:
6/14/2012 5:30:00 AM

Valid to:
6/15/2013 5:29:59 AM

Subject:
CN="Hangzhou Yunbao Network&Technology Co.,Ltd", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Hangzhou Yunbao Network&Technology Co.,Ltd", L=Hangzhou, S=Zhejiang, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
20A8A051262352A8DD384AEAB5155BB6

File PE Metadata
Compilation timestamp:
5/2/2013 7:28:34 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:AMQg8ocpZpRVc2inx+5n5e7YfMTtt2MIv+ugbeSWhc6TWRBpKhdzxaqv:Ay8HZpRVSHbjWpTWRBpeYqv

Entry address:
0x7AC66

Entry point:
55, 8B, EC, 6A, FF, 68, 00, 82, 49, 00, 68, D2, B0, 47, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, 5F, 57, FF, 15, C0, 38, 49, 00, 59, 83, 0D, 98, C8, 4B, 00, FF, 83, 0D, 9C, C8, 4B, 00, FF, FF, 15, BC, 38, 49, 00, 8B, 0D, 2C, C8, 4B, 00, 89, 08, FF, 15, B8, 38, 49, 00, 8B, 0D, 28, C8, 4B, 00, 89, 08, A1, B4, 38, 49, 00, 8B, 00, A3, 94, C8, 4B, 00, E8, FA, 03, 00, 00, 39, 1D, 90, BF, 4B, 00, 75, 0C, 68, CE, B0, 47, 00, FF, 15...
 
[+]

Entropy:
6.6614

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
584 KB (598,016 bytes)

Scan 流量版.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.