home

GameCenter.exe

2144游戏大厅

上海剑圣网络科技有限公司

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘GameBoxStratRun’.
Publisher:
上海剑圣网络科技有限公司  (signed and verified)

Product:
2144游戏大厅

Version:
4.1.0.0

MD5:
4b60af686d1dd13459c97140f2b0514c

SHA-1:
20625dec368a0e3dca56c0b83424a334695b84a1

SHA-256:
af2e96f17e34a6085e48c2eccd3a1669912048eb322fc6bd86dc99ea7db54a83

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 1:59:52 PM UTC  (today)

File size:
1.3 MB (1,346,320 bytes)

Product version:
4.1.0.0

Copyright:
TODO: (C) 上海剑圣网络科技有限公司。保留所有权利。

Original file name:
GameCenter.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\2144gamebox\gamecenter.exe

Digital Signature
Signed by:
上海剑圣网络科技有限公司

Authority:
Symantec Corporation

Valid from:
2/3/2015 8:00:00 AM

Valid to:
5/5/2017 7:59:59 AM

Subject:
CN=上海剑圣网络科技有限公司, O=上海剑圣网络科技有限公司, L=上海, S=上海市, C=CN

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
78A2BBEE98B683A0FC25ADE00CF2DFEB

File PE Metadata
Compilation timestamp:
9/7/2016 6:33:09 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0xC8F12

Entry point:
E8, 9D, 07, 00, 00, E9, 6B, FD, FF, FF, 3B, 0D, 50, F7, 50, 00, 75, 02, F3, C3, E9, 24, 08, 00, 00, 8B, FF, 55, 8B, EC, F6, 45, 08, 02, 57, 8B, F9, 74, 25, 56, 68, 96, 98, 4C, 00, 8D, 77, FC, FF, 36, 6A, 0C, 57, E8, FB, 00, 00, 00, F6, 45, 08, 01, 74, 07, 56, E8, 80, F4, FF, FF, 59, 8B, C6, 5E, EB, 14, E8, 33, 09, 00, 00, F6, 45, 08, 01, 74, 07, 57, E8, 69, F4, FF, FF, 59, 8B, C7, 5F, 5D, C2, 04, 00, CC, FF, 25, 28, 04, 4E, 00, FF, 25, 84, 03, 4E, 00, 6A, 10, 68, 60, CF, 4F, 00, E8, A0, 06, 00, 00, 33, C0...
 
[+]

Entropy:
6.3699

Code size:
889.5 KB (910,848 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
GameBoxStratRun

Command:
C:\users\{user}\appdata\roaming\2144gamebox\gamecenter.exe \runhide


Scan GameCenter.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.