home

home.exe

WeiSiTianYu Software Develop Service Center

The application home.exe by WeiSiTianYu Software Develop Service Center has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
WeiSiTianYu Software Develop Service Center  (signed and verified)

Version:
5.2.5.82

MD5:
06c8ea2857ffd03973e8c282384d7f80

SHA-1:
def248e94cb5dcf89b7dff2d00cbbaeb66e01c4f

SHA-256:
59bb134375b7c32e33e9635c279c277892f2337b5ef104ede6efe1e6dd8e7ce1

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/25/2024 6:26:34 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.PCOptimizer.Optional.Meta (L)
16.6.26.23

File size:
3.1 MB (3,203,008 bytes)

Product version:
5.2

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\optimizer tool\home.exe

Digital Signature
Signed by:
WeiSiTianYu Software Develop Service Center

Authority:
WoSign, Inc.

Valid from:
7/30/2009 8:00:00 PM

Valid to:
7/31/2010 7:59:59 PM

Subject:
CN=WeiSiTianYu Software Develop Service Center, OU=Class 3 - for Microsoft Authenticode Signing, O=WeiSiTianYu Software Develop Service Center, L=Beijing, S=Beijing, C=CN

Issuer:
CN=WoSign Code Signing Authority, O="WoSign, Inc.", C=US

Serial number:
2BBBFDC500D3B0F2A0BCF6F0BB1D1521

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:z2FP1MeQMu91zmYXho05uyRrifN4PbEac1mQp+58JHo5IGZl3K6ZYX:UP1M/zmYX+0dr1PbEacYQsPs

Entry address:
0x283FE4

Entry point:
55, 8B, EC, 83, C4, F0, B8, 54, 37, 68, 00, E8, F0, 34, D8, FF, A1, 04, 2F, 69, 00, 8B, 00, E8, 64, 9F, E5, FF, 8B, 0D, F0, 2B, 69, 00, A1, 04, 2F, 69, 00, 8B, 00, 8B, 15, 78, 31, 68, 00, E8, 6C, 9F, E5, FF, A1, 04, 2F, 69, 00, 8B, 00, E8, F4, 9F, E5, FF, E8, EB, 0A, D8, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.6525

Developed / compiled with:
Microsoft Visual C++

Code size:
2.5 MB (2,634,240 bytes)

Remove home.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.