21945578.exe

Brotsoft technology co., limited

The application 21945578.exe by Brotsoft technology co., limited has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Brotsoft technology co., limited  (signed and verified)

MD5:
48398b7051fc6e90506e964cd9173c2c

SHA-1:
97d78e875407a558328e62797e964963fe0bdba6

SHA-256:
16cd62d04dff836ad6fd21354221508f7e398d74d30f44f772e1f86ad92aff83

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 6:34:26 AM UTC  (today)

Scan engine:
Reason Heuristics

Detection:
PUP.BeijingFantasyGame.Optional.Meta (L)

Engine version:
16.2.5.7

File size:
412.7 KB (422,560 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\21945578.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
1/25/2016 9:00:00 PM

Valid to:
1/25/2017 8:59:59 PM

Subject:
CN="Brotsoft technology co., limited", OU=Software Department, O="Brotsoft technology co., limited", L=Hongkong, S=Hongkong, C=HK, SERIALNUMBER=1848251, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=HK

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
4FAA72E1FE7F038B1FC0A54FA06505A7

File PE Metadata
Compilation timestamp:
2/5/2016 3:33:00 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:z9bguIXKIEIFcMYj0tNEZXHX6zf8L72pGyYoKbrUa4mmVXg/DR8b9ZH:dg+u+2p5YoKUdrb9Z

Entry address:
0x36BFD

Entry point:
E8, 1F, A5, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 56, 57, 33, F6, 6A, 00, FF, 75, 0C, FF, 75, 08, E8, F5, A6, 00, 00, 8B, F8, 83, C4, 0C, 85, FF, 75, 25, 39, 05, 78, 2B, 46, 00, 76, 1D, 56, E8, 7F, 15, 00, 00, 81, C6, E8, 03, 00, 00, 59, 3B, 35, 78, 2B, 46, 00, 76, 03, 83, CE, FF, 83, FE, FF, 75, C5, 8B, C7, 5F, 5E, 5D, C3, 55, 8B, EC, 53, 56, 57, 8B, 3D, 78, 2B, 46, 00, 33, F6, FF, 75, 08, E8, 67, E9, FF, FF, 8B, D8, 59, 85, DB, 75, 23, 85, FF, 74, 1F, 56, E8, 3B, 15, 00, 00, 8B, 3D, 78, 2B, 46, 00, 81...

Code size:
305.5 KB (312,832 bytes)
