» d4f3b77c-28f7-b13f-16a6-0895408e2704_1d2070bee3cd042
Overview
Analysis
File Details

d4f3b77c-28f7-b13f-16a6-0895408e2704_1d2070bee3cd042

极速拷贝Shell扩展

Yantai ZhengHao Network Technology Co.,Ltd.

File name:

Publisher:

Yantai ZhengHao Network Technology Co.,Ltd. (signed and verified)

Product:

极速拷贝Shell扩展

Version:

1.0.1.1

MD5:

c98a3a80420aa512d26273304d77fe52

SHA-1:

e2ce6b15108a5692c30e7d4a03efd47ed6bf936b

SHA-256:

cc00a9328f1cc0410be5a86488266891d59341c0c9343170b17d0190f7b3dc61

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/24/2024 9:33:47 AM UTC (today)

File size:

258.6 KB (264,800 bytes)

Product version:

1.0.1.1

烟台市正浩网络科技有限公司

Language:

Chinese (Simplified, PRC)

Common path:

C:\ProgramData\microsoft\windows defender\scans\filesstash\d4f3b77c-28f7-b13f-16a6-0895408e2704_1d2070bee3cd042

Digital Signature

Signed by:

Yantai ZhengHao Network Technology Co.,Ltd.

Authority:

Symantec Corporation

Valid from:

9/7/2015 8:00:00 AM

Valid to:

10/7/2016 7:59:59 AM

Subject:

CN="Yantai ZhengHao Network Technology Co.,Ltd.", O="Yantai ZhengHao Network Technology Co.,Ltd.", L=Yantai, S=Shandong, C=CN

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

29BD1ABE240AD35F28F37F819CACFD29

File PE Metadata

Compilation timestamp:

12/28/2015 5:59:59 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

3072:f7OmV/eGEoPs/XTSTmDJiVWbiPKbXasrgQuse69n8DkmoTgcrUOFKN+Lbz8pf:jjVJE9XeTwJiIb6kN0VY4ITSWKNgbz85

Entry address:

0x677C

Entry point:

48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 6B, 45, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, A7, FE, FF, FF, CC, CC, CC, EB, 07, 3A, C2, 74, 0D, 48, FF, C1, 8A, 01, 84, C0, 75, F3, 3A, C2, 75, 04, 48, 8B, C1, C3, 33, C0, C3, CC, CC, 4C, 8B, C9, 45, 33, C0, 8A, 01, 48, FF, C1, 84, C0, 75, F7, 48, FF, C9, 49, 3B, C9, 74, 04, 38, 11, 75, F4, 38, 11, 4C, 0F, 44, C1, 49, 8B, C0... 
[+]

Entropy:

6.1426

Code size:

66 KB (67,584 bytes)

Scan d4f3b77c-28f7-b13f-16a6-0895408e2704_1d2070bee3cd042 - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.