home

deld395.tmp

重庆话语科技有限公司

Publisher:
重庆话语科技有限公司  (signed and verified)

MD5:
5e48250ecca0c8a866ce05c2c94d8be6

SHA-1:
9f2351be7e9671419b6eeed751b9fd67a1be028d

SHA-256:
712018fd4c8db6ade4d2c252a74312a2815ae0bf821dcb3487a29928369ab074

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 10:30:58 AM UTC  (today)

File size:
556.5 KB (569,832 bytes)

Common path:
C:\users\{user}\appdata\local\temp\deld395.tmp

Digital Signature
Signed by:
重庆话语科技有限公司

Authority:
Thawte, Inc.

Valid from:
7/19/2013 8:00:00 AM

Valid to:
9/18/2014 7:59:59 AM

Subject:
CN=重庆话语科技有限公司, OU=酷屏项目部, O=重庆话语科技有限公司, L=重庆, S=重庆, C=CN

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
7237ACBBEF66317B1DB46C898E1F3ABE

File PE Metadata
Compilation timestamp:
3/26/2014 2:24:55 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:70kVo02CxSaAfQJgLKhOD0ZRUURhd0prKgvI1fcgBMLTZ1:70yhQ0PUSd0prK+I9cgBMLTZ1

Entry address:
0x26AC7

Entry point:
E8, 27, 04, 00, 00, E9, 63, FD, FF, FF, 8B, FF, 55, 8B, EC, FF, 75, 14, FF, 75, 10, FF, 75, 0C, FF, 75, 08, 68, 91, 65, 42, 00, 68, 48, 40, 43, 00, E8, 9D, 04, 00, 00, 83, C4, 18, 5D, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 0F, 03, C1, 1B, C9, 0B, C1, 59, E9, 8A, 04, 00, 00, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 07, 03, C1, 1B, C9, 0B, C1, 59, E9, 74, 04, 00, 00, FF, 25, F4, A1, 42, 00, FF, 25, F8, A1, 42, 00, CC, CC, CC, CC, CC, CC, CC, CC, FF, 25, FC, A1, 42, 00, 8B...
 
[+]

Entropy:
7.5597

Code size:
163.5 KB (167,424 bytes)

Scan deld395.tmp - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.