home

diannaomoniqi.exe

蓝光手游大师

武汉晃游网络

This is a setup program which is used to install the application. The file has been seen being downloaded from h5jv8.hz5l.hz155.com.
Publisher:
武汉晃游网络

Product:
蓝光手游大师

Version:
0.0.0.75

MD5:
b3ac64ffd43294470aaaeac5068c94db

SHA-1:
576e14587f38f24f83420cde81ce86a81852860b

SHA-256:
4e7c76303588e779871c678f3f4eb1e7f5423b93a635011be22f7c6df29a6363

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 11:07:42 AM UTC  (today)

File size:
19.3 MB (20,189,152 bytes)

Copyright:
武汉晃游网络

Trademarks:
蓝光手游大师

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\users\{user}\downloads\diannaomoniqi.exe

File PE Metadata
Compilation timestamp:
12/6/2009 6:50:41 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
393216:J1Z7Xo2Em3Pfqa5MraDRbB5iIB8NjrdPSGL7BuhAgyV9I+R1PPtz+YzoTV:XZzqKPRDFiGejghrA6c1Px+YsB

Entry address:
0x4F000

Entry point:
90, 90, BB, CC, CA, D3, 02, 90, 90, BE, 26, F0, 44, 00, 90, 68, 98, 05, 00, 00, 5A, 90, FF, 34, 32, 31, 1C, 24, 8F, 04, 32, 83, EA, 02, 83, EA, 02, 90, 90, 75, ED, 90, 24, B7, D2, 02, CC, CA, D3, 02, CC, CA, 93, 02, 07, FA, D3, 02, 6C, 92, E2, 03, 2C, 95, E2, 03, CC, 7A, D1, 02, CD, CA, D3, 02, AC, BA, 93, 02, 48, B2, 93, 02, 5A, B2, 93, 02, 74, A8, D3, 02, 4E, B2, D3, 02, 58, B2, D3, 02, AC, 94, D3, 02, 4E, B2, D3, 02, 58, B2, D3, 02, CC, CA, D3, 02, CC, CA, D3, 02, CC, CA, D3, 02, CC, CA, D3, 02, 18, BA...
 
[+]

Entropy:
7.9983  (probably packed)

Code size:
22.5 KB (23,040 bytes)

The file diannaomoniqi.exe has been seen being distributed by the following URL.

http://h5jv8.hz5l.hz155.com/.../diannaomoniqi.exe

Scan diannaomoniqi.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.