home

52zsoftdown_83881.exe

52z软件加速下载器

soft.52z.com

Publisher:
soft.52z.com

Product:
52z软件加速下载器

Version:
1, 0, 0, 1

MD5:
db5a51efff6cf0f76abf7a19cef21cf3

SHA-1:
63eb5376d71418911536bf4436d1a6a98b2f4b6c

SHA-256:
0ee8a93b9d73ccada4260cade1319344d8f38dd43b4750983c2bcc9f9e64bea2

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/27/2024 8:47:34 PM UTC  (today)

Scan engine
Detection
Engine version

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.26.0

File size:
1.3 MB (1,339,392 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2014

Original file name:
SoftDownload.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, China)

Common path:
C:\users\{user}\downloads\52zsoftdown_83881.exe

File PE Metadata
Compilation timestamp:
5/12/2014 4:50:43 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:jxo3F/W8h5oxMkyn/RqHSi+Z3tY5g/rfleduvY//b3M:cF/XmM3trteE4D3M

Entry address:
0x9D254

Entry point:
E8, C0, D3, 00, 00, E9, 17, FE, FF, FF, 55, 8B, EC, B8, FF, FF, 00, 00, 83, EC, 14, 66, 39, 45, 08, 0F, 84, 97, 00, 00, 00, 53, FF, 75, 0C, 8D, 4D, EC, E8, 0C, EA, FF, FF, 8B, 45, EC, 8B, 48, 14, 33, DB, 3B, CB, 75, 14, 8B, 45, 08, 8D, 48, 9F, 66, 83, F9, 19, 77, 03, 83, C0, E0, 0F, B7, C0, EB, 5E, 66, 81, 7D, 08, 00, 01, 73, 29, 8D, 45, EC, 50, 6A, 02, FF, 75, 08, E8, D4, BB, 00, 00, 83, C4, 0C, 85, C0, 0F, B7, 45, 08, 74, 3D, 8B, 4D, EC, 8B, 89, D0, 00, 00, 00, 66, 0F, B6, 04, 01, EB, CA, FF, 70, 04, 8D...
 
[+]

Entropy:
6.9945

Code size:
788 KB (806,912 bytes)

The file 52zsoftdown_83881.exe has been seen being distributed by the following URL.

http://dx8.52z.com/52zsoftdown_1084.exe

Scan 52zsoftdown_83881.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.