bgcbldsrv.exe

Ding Ruan

The application bgcbldsrv.exe by Ding Ruan has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Ding Ruan  (signed and verified)

MD5:
c818057745b74ff1df59e02860c91e58

SHA-1:
4e08469f29c11bedf6a340168197c878159fa085

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/9/2024 12:24:28 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.ELEX.DingRuan (M)

Engine version:
16.6.16.18

File size:
1.1 MB (1,144,327 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\begoch\bgcbldsrv.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
5/3/2016 2:00:00 AM

Valid to:
4/14/2017 1:59:59 AM

Subject:
CN=Ding Ruan, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
2CCF9340CE807CF00A62DDD5CE3225E1

File PE Metadata
Compilation timestamp:
5/3/2016 4:52:06 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
24576:wtpUWG/bxq14qVNfy1EeHTyNihGZ1SJTrnioysDTrE3fmmvxbicNx:wLUWGtoVHr2TaihI1SJTbfvDT43fVvxb

Entry address:
0x429A7

Entry point:
BB, E0, 08, 5E, 6D, 93, E9, 20, 01, 00, 00, B4, 5A, BD, B9, 65, E9, BD, B9, D5, 4F, 4C, 3D, 3D, BD, 3D, 3D, 2C, 3D, 3D, 3D, 9C, 6E, 73, 6E, 6D, 6E, 76, 74, 73, 3D, 3D, 3D, B1, 9E, B7, A2, 9F, 9E, AA, 9E, 6B, A1, A9, A9, 3D, 3D, 3D, 3D, 99, 3D, 3D, 3D, 83, AF, A2, A2, 89, A6, 9F, AF, 9E, AF, B6, 3D, 80, AF, A2, 9E, B1, A2, 81, A6, AF, A2, A0, B1, AC, AF, B6, 7E, 3D, 3D, 3D, 3D, 84, A2, B1, 94, A6, AB, A1, AC, B4, B0, 81, A6, AF, A2, A0, B1, AC, AF, B6, 7E, 3D, 3D, 3D, 3D, 84, A2, B1, 8A, AC, A1, B2, A9, A2...
 

Code size:
699.5 KB (716,288 bytes)
