home

3922270.exe

Brotsoft technology co., limited

The application 3922270.exe by Brotsoft technology co., limited has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Brotsoft technology co., limited  (signed and verified)

MD5:
e00e92bcb8eb8445ee61cbbd08576d7b

SHA-1:
ca1b7597dae4f3738f6936ad5521b006a83e2e14

SHA-256:
6c5ad285ca9c5d84342dbb119a1831c19564337652bf29792d1c5ef08fffb9fc

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 6:49:15 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.BeijingFantasyGame.Optional (L)
16.8.29.22

File size:
412.7 KB (422,560 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\3922270.exe

Digital Signature
Signed by:
Brotsoft technology co., limited

Authority:
Symantec Corporation

Valid from:
1/25/2016 8:00:00 PM

Valid to:
1/25/2017 7:59:59 PM

Subject:
CN="Brotsoft technology co., limited", OU=Software Department, O="Brotsoft technology co., limited", L=Hongkong, S=Hongkong, C=HK, SERIALNUMBER=1848251, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=HK

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
4FAA72E1FE7F038B1FC0A54FA06505A7

File PE Metadata
Compilation timestamp:
2/5/2016 2:33:00 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:z9bguIXKIEIFcMYj0tNEZXHX6zf8L72pGyYoKbrUa4mmVXg/DR8b9ZH:dg+u+2p5YoKUdrb9Z

Entry address:
0x36BFD

Entry point:
E8, 1F, A5, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 56, 57, 33, F6, 6A, 00, FF, 75, 0C, FF, 75, 08, E8, F5, A6, 00, 00, 8B, F8, 83, C4, 0C, 85, FF, 75, 25, 39, 05, 78, 2B, 46, 00, 76, 1D, 56, E8, 7F, 15, 00, 00, 81, C6, E8, 03, 00, 00, 59, 3B, 35, 78, 2B, 46, 00, 76, 03, 83, CE, FF, 83, FE, FF, 75, C5, 8B, C7, 5F, 5E, 5D, C3, 55, 8B, EC, 53, 56, 57, 8B, 3D, 78, 2B, 46, 00, 33, F6, FF, 75, 08, E8, 67, E9, FF, FF, 8B, D8, 59, 85, DB, 75, 23, 85, FF, 74, 1F, 56, E8, 3B, 15, 00, 00, 8B, 3D, 78, 2B, 46, 00, 81...
 
[+]

Code size:
305.5 KB (312,832 bytes)

Remove 3922270.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.