home

dlyac.exe

Chencheng Cai

The application dlyac.exe by Chencheng Cai has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Chencheng Cai  (signed and verified)

MD5:
769d321dc092f7bf0c15360f892c5b8c

SHA-1:
346ff59b7ae7df4bb88656d6b6788918cad2f1ff

SHA-256:
57abdac1f6980770a1959b34fd38f3e941ed43f8509e79126c9291bdf4d116b8

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/30/2024 10:38:07 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.ELEX (M)
16.8.26.11

File size:
203.6 KB (208,504 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\tools\dlyac.exe

Digital Signature
Signed by:
Chencheng Cai

Authority:
thawte, Inc.

Valid from:
8/15/2016 9:00:00 PM

Valid to:
1/17/2017 8:59:59 PM

Subject:
CN=Chencheng Cai, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
262EA0B4AC181BC450363516E723BA94

File PE Metadata
Compilation timestamp:
8/22/2016 3:31:56 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:a73Ax4ZsnQcWbaEKRf7L6UU+mcP1+Bjw6ouS+K6O2IuOhsh73:i10QcQaEOHf+9MnDq7

Entry address:
0x11FA7

Entry point:
E8, F8, 6D, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 8B, 45, 0C, 83, EC, 20, 56, 57, 6A, 08, 59, BE, 6C, 73, 42, 00, 8D, 7D, E0, F3, A5, 8B, 4D, 08, 5F, 5E, 85, C0, 74, 0D, F6, 00, 10, 74, 08, 8B, 01, 8B, 40, FC, 8B, 40, 18, 89, 4D, F8, 89, 45, FC, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 0C, 61, 42, 00, C9, C2, 08, 00, 8B, 4D, F4, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, 8B, 4D, F0, 33, CD, E8, C2...
 
[+]

Code size:
146 KB (149,504 bytes)

Remove dlyac.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.