朱天才解读太极拳—朱天才+著@155_1302541.exe

downloader

Hefei Lewei Information Technology Co.,Ltd.

The application 朱天才解读太极拳—朱天才+著@155_1302541.exe by Hefei Lewei Information Technology Co.,Ltd has been detected as a potentially unwanted program by 4 anti-malware scanners. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from url.tudown.com.
Publisher:
Hefei Lewei Information Technology Co.,Ltd.

Product:
downloader

Version:
1.0.2.3

MD5:
c5be3bcc321d74437c7037e8c7d4035e

SHA-1:
39ca0309ec39b7dd30917a131a44bad460840bb5

SHA-256:
28f2d42d1b64e9ef32b47367778761888dbe62b20e0c3f58b4dad9eff7f3cfb0

Scanner detections:
4 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 6:30:22 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Dr.Web | Adware.Qjwmonkey.79 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Gen:Variant.Application.Bundler.84 | 11.5.0.6191 |
| ESET NOD32 | Win32/Adware.Qjwmonkey.C application | 8.0.319.0 |
| Norman | Gen:Variant.Application.Bundler.84 | 22.05.2016 07:18:28 |

File size:
836.5 KB (856,560 bytes)

Product version:
1.0.2.3

Original file name:
downloader

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\朱天才解读太极拳—朱天才+著@155_1302541.exe

Digital Signature
Authority:
WoSign CA Limited

Valid from:
10/29/2015 2:17:37 PM

Valid to:
10/29/2016 2:17:37 PM

Subject:
CN="Hefei Lewei Information Technology Co.,Ltd.", O="Hefei Lewei Information Technology Co.,Ltd.", L=Hefei, S=Anhui, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
5AB7015B756534ACC678E7DB75D22D97

File PE Metadata
Compilation timestamp:
6/20/2016 2:44:32 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:T6OhL0zSQvO7ExdzqTBknD4MCAFZjRLWU6BRBq8BZhrnkNUNTQd3w:Lh0UExtMEDNrRKU6BRBLtrnkNUpQd3w

Entry address:
0x2D556

Entry point:
E8, 7E, B1, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 56, 8B, 75, 0C, 57, 33, FF, 85, F6, 74, 1B, 6A, E0, 33, D2, 58, F7, F6, 3B, 45, 10, 73, 0F, E8, A4, 11, 00, 00, C7, 00, 0C, 00, 00, 00, 33, C0, EB, 3C, 0F, AF, 75, 10, 53, 8B, 5D, 08, 85, DB, 74, 09, 53, E8, F0, 2A, 00, 00, 59, 8B, F8, 56, 53, E8, BA, B2, 00, 00, 8B, D8, 59, 59, 85, DB, 74, 15, 3B, FE, 73, 11, 2B, F7, 8D, 04, 1F, 56, 6A, 00, 50, E8, 11, 00, 00, 00, 83, C4, 0C, 8B, C3, 5B, 5F, 5E, 5D, C3, CC, CC, CC, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C...
 

Entropy:
7.0637

Code size:
364 KB (372,736 bytes)

The file 朱天才解读太极拳—朱天才+著@155_1302541.exe has been seen being distributed by the following URL.