home

ga_dl20140615_230424_695_00041.exe

SelfUpdate Module

北京紫贝壳软件有限公司

Publisher:
北京紫贝壳科技有限公司  (signed by 北京紫贝壳软件有限公司)

Product:
SelfUpdate Module

Version:
2.2.4.1836

MD5:
11014270522eeb6b2c0e8e1f012e1bec

SHA-1:
8c24599d447d0a18ffacb8856cb598e74c6fa611

SHA-256:
cf871e3092192f07cb7c248658239daabd70afcff687d1c01e5c0e890d146d72

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/4/2025 10:15:11 AM UTC  (today)

File size:
729.8 KB (747,296 bytes)

Product version:
2.2.4.0

Copyright:
Copyright 2014

Original file name:
SelfUpdate.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\ProgramData\maniacgametool_v2\download\ga_dl20140615_230424_695_00041.exe

Digital Signature
Signed by:
北京紫贝壳软件有限公司

Authority:
WoSign eCommerce Services Limited

Valid from:
11/5/2013 7:29:10 PM

Valid to:
11/8/2014 7:48:06 AM

Subject:
E=chengzhe@52zbk.com, CN=北京紫贝壳软件有限公司, O=北京紫贝壳软件有限公司, L=北京市, S=北京市, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
025C4D2BC81277

File PE Metadata
Compilation timestamp:
6/13/2014 11:52:42 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:/SHN7aJmgZ09PTt6FgK3g4W3MVqvWTDCUbtnXyuoiExxhgTlpH9a0l:/GaJmW0dt6f3g5MVq+TDCaBjd

Entry address:
0x39E36

Entry point:
E8, 60, BF, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, B8, 20, 10, 00, 00, E8, F1, F2, FF, FF, A1, 40, 1C, 46, 00, 33, C5, 89, 45, FC, 53, 56, 8B, 75, 08, 57, 56, E8, 9D, 7B, 00, 00, 8B, D8, 33, C0, 59, 89, 9D, E8, EF, FF, FF, 39, 46, 04, 7D, 03, 89, 46, 04, 6A, 01, 50, 50, 53, E8, A7, 3D, 00, 00, 83, C4, 10, 8B, F8, 89, BD, EC, EF, FF, FF, 89, 95, F0, EF, FF, FF, 85, D2, 7F, 10, 7C, 04, 85, FF, 73, 0A, 83, C8, FF, 0B, D0, E9, D4, 02, 00, 00, 8B, C3, C1, F8, 05, 8D, 04, 85, 00, 43, 46, 00, 83, E3, 1F...
 
[+]

Entropy:
7.0523

Code size:
313.5 KB (321,024 bytes)

Scan ga_dl20140615_230424_695_00041.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.