home

cceuter.exe

Xin Zhou

The application cceuter.exe by Xin Zhou has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Xin Zhou  (signed and verified)

MD5:
3ca2f5a88907958bd9c0ed581b19f151

SHA-1:
2add859ac9a8fa05bb22f7f5f6522cc43af7d389

SHA-256:
1405e094234e2a74ef342ae4f61391a33861e4b358ae936d8b6c2889da8ad800

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 9:38:21 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.XinZhou (M)
16.4.20.9

File size:
511.1 KB (523,416 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\yesbnd\cceuter.exe

Digital Signature
Signed by:
Xin Zhou

Authority:
thawte, Inc.

Valid from:
4/19/2016 10:00:00 AM

Valid to:
3/23/2017 10:59:59 AM

Subject:
CN=Xin Zhou, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
4CEAF4F1B7C2E1B181B9A1ED937F62A8

File PE Metadata
Compilation timestamp:
4/19/2016 12:32:52 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
6144:TgJ7uGDVXB/Va+kX6bkuUViWkTJ/zfKGCio/x+dKK7K4rbXazuNvOvWNuxdf:TgNJt51UViXF/zSG9zK4r7aS2uNuxJ

Entry address:
0x37986

Entry point:
E8, 56, 77, 00, 00, E9, 7F, FE, FF, FF, 6A, 10, 68, 10, 9A, 46, 00, E8, 54, 11, 00, 00, 33, FF, 89, 7D, E4, 6A, 01, E8, 85, 00, 00, 00, 59, 21, 7D, FC, 6A, 03, 5E, 89, 75, E0, 3B, 35, E4, BA, 47, 00, 7D, 53, A1, E0, BA, 47, 00, 8B, 04, B0, 85, C0, 74, 44, F6, 40, 0C, 83, 74, 10, 50, E8, 01, 79, 00, 00, 59, 83, F8, FF, 74, 04, 47, 89, 7D, E4, 83, FE, 14, 7C, 29, A1, E0, BA, 47, 00, 8B, 04, B0, 83, C0, 20, 50, FF, 15, 3C, 60, 45, 00, A1, E0, BA, 47, 00, FF, 34, B0, E8, 54, F5, FF, FF, 59, A1, E0, BA, 47, 00...
 
[+]

Entropy:
6.6017

Code size:
340 KB (348,160 bytes)

Remove cceuter.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.