home

手心输入法_2.2.0.1216.exe

手心输入法

北京酷睿蒙数字科技有限公司

This is a setup program which is used to install the application. The file has been seen being downloaded from down.xinshuru.com.
Publisher:
北京酷睿蒙数字科技有限公司  (signed and verified)

Product:
手心输入法

Description:
手心输入法 安装程序

Version:
2.2.0.1216

MD5:
36fd0a01f371dc488c6b82dd473c1edf

SHA-1:
984d0213d4028530faf6247a5a6d65f36c161600

SHA-256:
0b9669006b3ec0b6a0c89a8605fbd1c6c518fbd2212d814b4e5ae6a9f201a284

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 2:09:01 PM UTC  (today)

File size:
31.7 MB (33,189,384 bytes)

Product version:
2.2.0.1216

Copyright:
(C) xinshuru.com All Rights Reserved.

Original file name:
PalmInput_2.2.0.1216.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
北京酷睿蒙数字科技有限公司

Authority:
WoSign CA Limited

Valid from:
3/9/2015 3:39:08 PM

Valid to:
12/30/2016 3:39:08 PM

Subject:
CN=北京酷睿蒙数字科技有限公司, O=北京酷睿蒙数字科技有限公司, L=北京市, S=北京市, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
462369F32AE19461418B658123BA2103

File PE Metadata
Compilation timestamp:
8/17/2015 10:05:06 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
786432:/F7NsFoCk8Qv0t8iNqACapn/moslf9B7PPbVCf27kd3TZXnn:VN4ooQctWaaf9vC2YnXn

Entry address:
0x7FD8B

Entry point:
E8, 61, DC, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 51, 83, 65, FC, 00, 56, 8D, 45, FC, 50, FF, 75, 0C, FF, 75, 08, E8, 84, EF, 00, 00, 8B, F0, 83, C4, 0C, 85, F6, 75, 18, 39, 45, FC, 74, 13, E8, 5E, 0F, 00, 00, 85, C0, 74, 0A, E8, 55, 0F, 00, 00, 8B, 4D, FC, 89, 08, 8B, C6, 5E, C9, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 0C, 57, 85, C9, 0F, 84, 92, 00, 00, 00, 56, 53, 8B, D9, 8B, 74, 24, 14, F7, C6, 03, 00, 00, 00, 8B, 7C, 24, 10, 75, 0B, C1, E9, 02, 0F, 85, 85, 00, 00, 00, EB...
 
[+]

Entropy:
7.9714  (probably packed)

Code size:
660.5 KB (676,352 bytes)

The file 手心输入法_2.2.0.1216.exe has been seen being distributed by the following URL.

http://down.xinshuru.com/.../PalmInput_2.2.0.1216.exe

Scan 手心输入法_2.2.0.1216.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.