autoclicker.exe

楼月鼠标连点器 应用程序

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘liandianqi’. The file has been seen being downloaded from www.downloadcollection.com and multiple other hosts.
Product:
楼月鼠标连点器 应用程序

Description:
LianDianQi Microsoft 基础类应用程序

Version:
1, 0, 0, 1

MD5:
c5040298686c88f685a9968d1b13fbbf

SHA-1:
78bfcf1117a92507e0f4129d94396b71ed3bb6ba

SHA-256:
4225ce51e70072e439f3aeffda42c88deb8a29f17a9efc56d177de3305f211e8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/28/2024 4:12:31 AM UTC  (today)

File size:
56 KB (57,344 bytes)

Product version:
1, 0, 0, 1

Copyright:
版权所有 (C) 2012

Original file name:
LianDianQi.EXE

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\cok software\cok free auto clicker\autoclicker.exe

File PE Metadata
Compilation timestamp:
7/25/2014 11:24:13 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:HnKnHs2cL9H8g4oivgTdd8C+1d3xsd3MC:HKnHtc/p1+1d3yd3t

Entry address:
0x468E

Entry point:
55, 8B, EC, 6A, FF, 68, B8, 5D, 40, 00, 68, 14, 48, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 50, 53, 40, 00, 59, 83, 0D, 78, 75, 40, 00, FF, 83, 0D, 7C, 75, 40, 00, FF, FF, 15, 4C, 53, 40, 00, 8B, 0D, 6C, 75, 40, 00, 89, 08, FF, 15, 48, 53, 40, 00, 8B, 0D, 68, 75, 40, 00, 89, 08, A1, 44, 53, 40, 00, 8B, 00, A3, 74, 75, 40, 00, E8, 16, 01, 00, 00, 39, 1D, A0, 72, 40, 00, 75, 0C, 68, 10, 48, 40, 00, FF, 15, 40, 53...
 
[+]

Entropy:
4.4588

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
16 KB (16,384 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
liandianqi

Command:
C:\Program Files\cok software\cok free auto clicker\autoclicker.exe


The file autoclicker.exe has been seen being distributed by the following 2 URLs.

http://www.downloadcollection.com/downloadredirect.php?idx=676907

Scan autoclicker.exe - Powered by Reason Core Security