bingdict_setup.exe

Microsoft Bing Dictionary (微软必应词典)

上海美斯恩网络通讯技术有限公司

This is a setup and installation application.
Publisher:
Microsoft  (signed by 上海美斯恩网络通讯技术有限公司)

Product:
Microsoft Bing Dictionary (微软必应词典)

Description:
Microsoft Bing Dictionary installer (微软必应词典安装程序)

Version:
1.6.1.0

MD5:
4b356c06b7fb4f1917a42e469914db7a

SHA-1:
c5cbafd996656b0f06224ab7400331070cbe61d5

SHA-256:
30da12a504893cb112bd8d4c347e13e7409940480f1e98baefca80146f9db4c1

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
12/26/2024 3:03:19 AM UTC

Scan engine:
Vba32 AntiVirus

Detection:
suspected of Trojan.Downloader.gen.h

Engine version:
3.12.26.3

File size:
15 MB (15,741,264 bytes)

Product version:
1.6.1.0

Copyright:
Copyright Microsoft 2012

Original file name:
BingDictSetup.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\roaming\bingdict\update\150\bingdict_setup.exe

Digital Signature
Authority:
WoSign eCommerce Services Limited

Valid from:
6/27/2012 1:59:00 PM

Valid to:
7/1/2015 11:03:06 AM

Subject:
E=j-hogao@microsoft.com, CN=上海美斯恩网络通讯技术有限公司, O=上海美斯恩网络通讯技术有限公司, L=上海市, S=上海市, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
1CD7A9516EBD55

File PE Metadata
Compilation timestamp:
7/10/2012 5:27:54 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
393216:CJcxGaEZTQ5vEsedJQ+yrS8T3clK6KrfB694:aZikJQRZkKbzB1

Entry address:
0xD426

Entry point:
E8, 94, 4E, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, E4, 95, 42, 00, FF, 15, BC, 00, 42, 00, 85, C0, 75, 18, 56, E8, FD, 24, 00, 00, 8B, F0, FF, 15, 6C, 00, 42, 00, 50, E8, AD, 24, 00, 00, 59, 89, 06, 5E, 5D, C3, 8B, FF, 55, 8B, EC, 8B, 55, 08, 53, 8B, 5D, 14, 56, 57, 85, DB, 75, 10, 85, D2, 75, 10, 39, 55, 0C, 75, 12, 33, C0, 5F, 5E, 5B, 5D, C3, 85, D2, 74, 07, 8B, 7D, 0C, 85, FF, 75, 13, E8, B7, 24, 00, 00, 6A, 16, 5E, 89, 30, E8, E3, 3A, 00, 00...
 

Entropy:
7.8857  (probably packed)

Code size:
123 KB (125,952 bytes)
