freeslideshowmaker-cnet.exe

Free Slideshow Maker

Beijing Qingchuanglianxiang Technology Co Ltd

The application freeslideshowmaker-cnet.exe, “Free Slideshow Maker Setup ” by Beijing Qingchuanglianxiang Technology Co has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software.
Publisher:
VisionGem Co., Ltd.   (signed by Beijing Qingchuanglianxiang Technology Co Ltd)

Product:
Free Slideshow Maker

Description:
Free Slideshow Maker Setup

MD5:
ab88fb0fbe2927ed438f6fb564c5b07c

SHA-1:
ae1372af03e1b086349f80b618b2f15d99bd65a4

SHA-256:
cd9567dde2cd29edad8bc37bb4395c5d8ce24a52232b5e07a3911529e512b421

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/23/2024 10:22:25 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.installCore (M)
16.10.17.5

File size:
5.8 MB (6,086,936 bytes)

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\freeslideshowmaker-cnet.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
9/11/2015 5:30:00 AM

Valid to:
9/11/2016 5:29:59 AM

Subject:
CN=Beijing Qingchuanglianxiang Technology Co Ltd, O=Beijing Qingchuanglianxiang Technology Co Ltd, STREET="1901,Moma Building, No.199 Chaoyangbei Road,", L=Chaoyang, S=BeiJing, PostalCode=100027, C=CN

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E5F50EB929935434546FDDE8F49FCB1E

File PE Metadata
Compilation timestamp:
6/20/1992 3:52:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:qbjZfDxVM4x94WR2FoBIN+DlHm5Kavp69J3JCJSyg6xJ3JCJQJ3JCJrQvB6GFvWu:qpU5WR2GWN+hIMJ3JCJSyjxJ3JCJQJ3/

Entry address:
0xA5F8

Entry point:
90, C5, 37, E7, F0, 8D, CE, 66, B7, BB, EA, E0, 0D, C8, E2, 57, E7, F0, FD, 2B, AD, D5, 86, 8B, 37, A0, 88, D1, E4, 60, 0E, AD, 1D, DA, EF, 67, D4, 0B, C8, 98, B3, ED, 4A, F8, 1A, C0, D7, 6A, 19, 7C, 86, 82, 68, 28, A2, 4B, B3, 18, F3, 44, 2D, 8A, B5, 18, DF, E3, A2, 0F, 00, 0D, 64, 58, D1, 04, A9, 69, 4A, C6, D8, 87, 28, EE, E2, 78, 24, 28, D6, 0C, F0, 3A, C1, A5, 19, 3B, E4, CB, B9, 21, CD, 0B, 49, 5F, D0, 54, B5, BD, 0F, 53, 0C, 19, 31, A3, F7, EA, F9, F7, AF, 9E, 3F, 45, C7, 0F, 9E, 1D, 3F, F8, E9, F8...
 
[+]

Entropy:
7.7519  (probably packed)

Code size:
39.5 KB (40,448 bytes)

Remove freeslideshowmaker-cnet.exe - Powered by Reason Core Security