home

browser.exe

CocCoc

COC COC COMPANY LIMITED

The executable browser.exe has been detected as malware by 11 anti-virus scanners.
Publisher:
Coc Coc Co., Ltd.  (signed by COC COC COMPANY LIMITED)

Product:
CocCoc

Version:
41.0.2272.127

MD5:
4670cb1dc4b6ee15af1e6b74dc1429d3

SHA-1:
a9d381c1aa14cd2e0933e4e1b31c949caad750ac

SHA-256:
d195ba1156d1840e9099ef9866d87bc7b033f6397014da89e0f1fb944e2141bb

Scanner detections:
11 / 68

Status:
Malware

Analysis date:
11/23/2024 2:44:19 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Win32.Sality.3
565

avast!
Win32:Kukacka
2014.9-150720

AVG
Win32/Sality
2016.0.3043

Dr.Web
Win32.Sector.30
9.0.1.0201

Emsisoft Anti-Malware
Win32.Sality
8.15.07.20.02

F-Prot
W32/Sality.gen2
v6.4.6.5.141

F-Secure
Win32.Sality.3
11.2015-18-04_7

McAfee
Virus.W32/Sality.gen.z
5600.6699

Microsoft Security Essentials
Threat.Undefined
1.199.824.0

Norman
Win32.Sality.3
11.20150720

Sophos
Virus 'Mal/Sality-D'
5.14

File size:
657.6 KB (673,432 bytes)

Product version:
41.0.2272.127

Copyright:
Copyright (C) 2012-2015 Coc Coc Co., Ltd. All Rights Reserved.

Original file name:
browser.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\coccoc\browser\application\browser.exe

Digital Signature
Signed by:
COC COC COMPANY LIMITED

Authority:
GlobalSign nv-sa

Valid from:
3/6/2015 4:48:58 PM

Valid to:
6/6/2016 4:48:58 PM

Subject:
E=admins@coccoc.vn, CN=COC COC COMPANY LIMITED, OU=IT Department, O=COC COC COMPANY LIMITED, L=Hanoi, S=Hanoi, C=VN

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121EBA1F222156D26DE5F36CBA2DF3C5A37

File PE Metadata
Compilation timestamp:
4/16/2015 11:28:36 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:GdSLTzgaEPLNSbogMDi6iiz0WP+UJSRVvAvJXuSZJGTOddX3KJgcNivyOpnljV3+:GdSHE4WDuzTPp/gjDT9S

Entry address:
0x49748

Entry point:
E8, 4A, B2, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 44, 24, 08, 8B, 4C, 24, 10, 0B, C8, 8B, 4C, 24, 0C, 75, 09, 8B, 44, 24, 04, F7, E1, C2, 10, 00, 53, F7, E1, 8B, D8, 8B, 44, 24, 08, F7, 64, 24, 14, 03, D8, 8B, 44, 24, 08, F7, E1, 03, D3, 5B, C2, 10, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 53, 56, 8B, 44, 24, 18, 0B, C0, 75, 18, 8B, 4C, 24, 14, 8B, 44, 24, 10, 33, D2, F7, F1, 8B, D8, 8B, 44, 24, 0C, F7, F1, 8B, D3, EB, 41, 8B, C8, 8B, 5C, 24, 14...
 
[+]

Code size:
404.5 KB (414,208 bytes)

Remove browser.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.