» dlyac.exe
Overview
Analysis
File Details

dlyac.exe

Chencheng Cai

The application dlyac.exe by Chencheng Cai has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

dlyac.exe

Publisher:

Chencheng Cai (signed and verified)

MD5:

72fccef9e5aed8b108333d6191aeef65

SHA-1:

be5559f069f13dc387da1c0a8340e6bc48910794

SHA-256:

8398e8df7307fbb8cbfd084e4f9410384a48883347684c047b7e8db26908a78e

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/30/2024 10:44:23 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.ELEX (M)

16.8.24.22

File size:

203.6 KB (208,504 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\tools\dlyac.exe

Digital Signature

Signed by:

Chencheng Cai

Authority:

thawte, Inc.

Valid from:

8/16/2016 3:00:00 AM

Valid to:

1/18/2017 1:59:59 AM

Subject:

CN=Chencheng Cai, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:

CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:

262EA0B4AC181BC450363516E723BA94

File PE Metadata

Compilation timestamp:

8/22/2016 9:31:56 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

3072:c73Ax4ZsnQcWbaEKRf7L6UU+mcP1+Bjw6ouS+K6O2IuOhsh73:Q10QcQaEOHf+9MnDq7

Entry address:

0x11FA7

Entry point:

E8, F8, 6D, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 8B, 45, 0C, 83, EC, 20, 56, 57, 6A, 08, 59, BE, 6C, 73, 42, 00, 8D, 7D, E0, F3, A5, 8B, 4D, 08, 5F, 5E, 85, C0, 74, 0D, F6, 00, 10, 74, 08, 8B, 01, 8B, 40, FC, 8B, 40, 18, 89, 4D, F8, 89, 45, FC, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 0C, 61, 42, 00, C9, C2, 08, 00, 8B, 4D, F4, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, 8B, 4D, F0, 33, CD, E8, C2... 
[+]

Entropy:

6.3841

Code size:

146 KB (149,504 bytes)

Remove dlyac.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.