fgcn_102051.exe

Trend Media Corporation Limited

The executable fgcn_102051.exe, “Flashget(快车) 在线安装程序” has been detected as malware by 15 anti-virus scanners.
Publisher:
Flashget  (signed by Trend Media Corporation Limited)

Description:
Flashget(快车) 在线安装程序

Version:
1, 0, 0, 2

MD5:
01cf60d771d277e3461d569d2892443f

SHA-1:
e6fd41c3fc6b7a7c35b257dee8a5d2a320d367d9

SHA-256:
47b7d1383c5ddaeb89321caa54dcc2a04779968467fc5735307e3a68320cfdf2

Scanner detections:
15 / 68

Status:
Malware

Analysis date:
12/25/2024 4:20:41 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.12581991
299

AhnLab V3 Security
Trojan/Win32.HDC
2015.06.11

Arcabit
Trojan.Generic.DBFFC67
1.0.0.425

avast!
Win32:Malware-gen
2014.9-160410

AVG
Generic35
2017.0.2777

Bitdefender
Trojan.Generic.12581991
1.0.20.505

Dr.Web
Trojan.DownLoader5.44865
9.0.1.0101

Emsisoft Anti-Malware
Trojan.Generic.12581991
8.16.04.10.06

F-Secure
Trojan.Generic.12581991
11.2016-10-04_1

G Data
Trojan.Generic.12581991
16.4.25

IKARUS anti.virus
Trojan.SuspectCRC
t3scan.1.9.5.0

MicroWorld eScan
Trojan.Generic.12581991
17.0.0.303

nProtect
Trojan.Generic.12581991
15.06.10.02

ViRobot
Dropper.Shortcut.262192[h]
2014.3.20.0

Zillya! Antivirus
Trojan.Genome.Win32.214646
2.0.0.2218

File size:
256.8 KB (262,976 bytes)

Product version:
1, 0, 0, 2

Copyright:
Copyright (C) 2009 FlashGet Inc.

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\fgcn_102051.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
6/27/2013 8:00:00 AM

Valid to:
8/27/2015 7:59:59 AM

Subject:
CN=Trend Media Corporation Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Trend Media Corporation Limited, L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
143BB0A75FF3C3D020D68E2E1A32DA43

File PE Metadata
Compilation timestamp:
7/12/2010 4:57:15 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:n8k02IhE4dD0yPYTy4UHz/m2kg8zxkndcYC4Nx19/53eS58:8PhE4BgeJHz+2yWdnC4x19/hez

Entry address:
0xA56D0

Entry point:
60, BE, 00, 80, 46, 00, 8D, BE, 00, 90, F9, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89...
 
[+]

Entropy:
7.9023

Packer / compiler:
UPX 2.90LZMA

Code size:
248 KB (253,952 bytes)

Remove fgcn_102051.exe - Powered by Reason Core Security