home

ia0_s1g15731.exe

游戏安装程序

Product:
游戏安装程序

Version:
1, 0, 0, 3

MD5:
097738df82686dd0e63583c2aa12ddf2

SHA-1:
c5e0e0c2b114af6cee21a2d15efe0421e22cb4b9

SHA-256:
3cb4e70f2bacb32403d3474914265cfeb3ed2317e50b54ea6e53b530e6955ae3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/14/2025 11:51:11 AM UTC  (today)

File size:
1.2 MB (1,224,704 bytes)

Product version:
1, 0, 0, 3

Copyright:
Copyright (C) 2015

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
Kinesiska (förenklad, Kina)

Common path:
C:\users\{user}\downloads\ia0_s1g15731.exe

File PE Metadata
Compilation timestamp:
11/25/2015 9:05:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:XKN/yZqGcp0eLYi/HER68ZgkAFWhnpTYcjWw2bMPeFQ/6BKnMRzZP9T5zRUkw0ey:a70GY3s8Lyw2bMPeFQ/6BKnMRzZ1T4g

Entry address:
0xAB6A3

Entry point:
E8, 64, C5, 00, 00, E9, 17, FE, FF, FF, 83, 3D, 00, 2D, 4D, 00, 00, 74, 15, 68, 00, 2D, 4D, 00, E8, 60, C6, 00, 00, 85, C0, 59, 74, 06, FF, 15, 00, 2D, 4D, 00, E8, DF, 71, 00, 00, 85, C0, 74, 07, 50, E8, 85, 73, 00, 00, 59, FF, 74, 24, 04, FF, 15, DC, 21, 4D, 00, CC, 6A, 0C, 68, 08, 02, 4F, 00, E8, 5A, 75, 00, 00, E8, 2F, 72, 00, 00, 83, 65, FC, 00, FF, 70, 58, FF, 50, 54, 50, E8, A6, FF, FF, FF, 8B, 45, EC, 8B, 08, 8B, 09, 89, 4D, E4, 50, 51, E8, 37, BE, 00, 00, 59, 59, C3, 8B, 65, E8, FF, 75, E4, E8, A5...
 
[+]

Entropy:
6.7707

Code size:
836 KB (856,064 bytes)

The file ia0_s1g15731.exe has been seen being distributed by the following URL.

http://d1.kuai8.com/tg/.../Ã?Å Ã?¹Ã?Æ?Ã?¼Ã?â?¢Ã?â?¢Ã?»Ã?½1_s4g00452.exe

Scan ia0_s1g15731.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.