Huihui.exe

惠惠购物助手

NetEase Youdao Information Technology (Beijing) Co.,Ltd.

Publisher:
网易有道  (signed by NetEase Youdao Information Technology (Beijing) Co.,Ltd.)

Product:
惠惠购物助手

Description:
惠惠购物助手【网易出品】

Version:
1.0.0.1

MD5:
b46874a44248a1a18b4f47dc584085a7

SHA-1:
91b800643b4bd332c3ed70106fb99d3ccfd482c0

SHA-256:
d5e0e7cf5a068b217b555d9c32807a538a499cc6c3fa9aad9fd86a3645fedf58

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 10:33:23 AM UTC  (today)

File size:
1.8 MB (1,920,968 bytes)

Product version:
1.0.0.1

Copyright:
Netease Youdao. All rights reserved.

Original file name:
Huihui.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\youdao\shoppingassistant\ie\4.2\huihui.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
8/16/2012 8:00:00 AM

Valid to:
10/16/2015 7:59:59 AM

Subject:
CN="NetEase Youdao Information Technology (Beijing) Co.,Ltd.", OU=Product Dept., OU=Digital ID Class 3 - Microsoft Software Validation v2, O="NetEase Youdao Information Technology (Beijing) Co.,Ltd.", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2ED220DA7B01272CE02E62BF9C4E867D

File PE Metadata
Compilation timestamp:
4/9/2015 11:26:10 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:xXj8YjAnsShg2tb9MYJREZR1gTnIjMUwK8EKkDEpr7XdawD0LI3vmuY9T0tc9Zp:xXj8Znltb9VcZR1g8MUwK8EKkDEpr7XE

Entry address:
0x6F8C7

Entry point:
E8, 0C, 93, 00, 00, E9, 79, FE, FF, FF, 3B, 0D, 10, 27, 55, 00, 75, 02, F3, C3, E9, 8E, 93, 00, 00, 8B, FF, 51, C7, 01, 54, 23, 53, 00, E8, 86, 94, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 56, 8B, F1, E8, E3, FF, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, 05, 94, FD, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 83, C1, 09, 51, 83, C0, 09, 50, E8, CA, 94, 00, 00, F7, D8, 59, 1B, C0, 59, 40, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, A3, C4, EB, 55, 00, 5D, C3, 8B, FF, 55, 8B, EC, 81, EC...
 
[+]

Entropy:
6.2219

Code size:
1.2 MB (1,209,344 bytes)

The file Huihui.exe has been seen being distributed by the following URL.

Scan Huihui.exe - Powered by Reason Core Security