bcihpqwaqz

Salung International Corporation

The file bcihpqwaqz has been detected as malware by 3 anti-virus scanners.
Publisher:
Salung International Corporation  (signed and verified)

MD5:
ec9bde5b7fe36ace280e55dd6689668b

SHA-1:
415d5bd02f73317a40080d53114565149779f385

SHA-256:
7a455aa282f53e56788fd4ec2c0ae6cef36844e4d324162b7acda8ba3faade2f

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
12/29/2024 6:22:30 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| avast! | Win32:Malware-gen | 160518-2 |
| ESET NOD32 | MSIL/Injector.PQN trojan | 8.0.319.0 |
| Microsoft Security Essentials | Threat.Undefined | 1.225.1506.0 |

File size:
210.7 KB (215,720 bytes)

Common path:
C:\users\{user}\appdata\local\temp\bcihpqwaqz

Digital Signature
Authority:
Salung International Corporation

Valid from:
6/25/2016 8:45:36 AM

Valid to:
6/26/2026 8:45:36 AM

Subject:
E=sales@salung.com, CN=www.salung.com, OU=Sales Department, O=Salung International Corporation, L=Columbus, S=Ohio, C=US

Issuer:
E=sales@salung.com, CN=www.salung.com, OU=Sales Department, O=Salung International Corporation, L=Columbus, S=Ohio, C=US

Serial number:
00866E0A24F3686932

File PE Metadata
Compilation timestamp:
6/27/2016 5:14:28 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:ePSN/SjG7q067tDbh9mGnCzPdFtaV3koPmgZuQzs:IzictDbh9EM3bq

Entry address:
0x1531E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
80 KB (81,920 bytes)
