» dmg.exe
Overview
Analysis
File Details
Downloads (1)

dmg.exe

深圳市为爱普信息技术有限公司

File name:

dmg.exe

Publisher:

深圳市为爱普信息技术有限公司 (signed and verified)

MD5:

b7973a2850035561dfcbc2c9bf150e8f

SHA-1:

aeb191ec9e1e12ed9184d2a2322a911980bfbca1

SHA-256:

c09cc5dc4dc8e989e1a7d0acbfa71645fac2a7eec6678daa0a28081e3357316d

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/24/2024 10:45:20 AM UTC (today)

File size:

893.2 KB (914,648 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\????\files\patchtools\dmg.exe

Digital Signature

Signed by:

深圳市为爱普信息技术有限公司

Authority:

GlobalSign nv-sa

Valid from:

5/22/2012 12:05:51 PM

Valid to:

5/23/2013 12:05:51 PM

Subject:

CN=深圳市为爱普信息技术有限公司, O=深圳市为爱普信息技术有限公司, L=Shenzhen, S=Guangdong, C=CN

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11210E8884FF97E07AF62AF27C885CA9980C

File PE Metadata

Compilation timestamp:

8/7/2008 8:00:27 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

2.56

CTPH (ssdeep):

24576:W85UIP7O7+vvWx5uckwJktVFd+fNTTy+tFjOonmuo6:W85UIP7O7x8ckwVlTG+tF6onmuP

Entry address:

0x1130

Entry point:

55, 89, E5, 83, EC, 14, 6A, 01, FF, 15, F8, 92, 46, 00, E8, DD, FE, FF, FF, 8D, B6, 00, 00, 00, 00, 8D, BC, 27, 00, 00, 00, 00, 55, 89, E5, 53, 83, EC, 04, 8B, 45, 08, 8B, 00, 8B, 00, 3D, 91, 00, 00, C0, 77, 3B, 3D, 8D, 00, 00, C0, 72, 4B, BB, 01, 00, 00, 00, 50, 50, 6A, 00, 6A, 08, E8, 84, 9D, 04, 00, 83, C4, 10, 83, F8, 01, 0F, 84, D6, 00, 00, 00, 85, C0, 0F, 85, 90, 00, 00, 00, 31, C0, 8B, 5D, FC, C9, C2, 04, 00, 8D, B4, 26, 00, 00, 00, 00, 3D, 94, 00, 00, C0, 74, 49, 3D, 96, 00, 00, C0, 74, 17, 3D, 93... 
[+]

Entropy:

6.4894

Packer / compiler:

Dev-C++ v5

Code size:

297 KB (304,128 bytes)

The file dmg.exe has been seen being distributed by the following URL.

http://d.updater.i4.cn/i4toolupdate6/i4tools/update_files/files/.../B7973A2850035561DFCBC2C9BF150E8F.exe

Scan dmg.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.