home

iweather.exe

Shanghai Digital Century Network Co.,Ltd.

Publisher:
小熊天气  (signed by Shanghai Digital Century Network Co.,Ltd.)

Product:
小熊天气

Version:
1.0.0.0

MD5:
351985795e99be94874177bee67cf8e6

SHA-1:
e29ab8768cd9616c6a3584f1983c7abb69110d0b

SHA-256:
a53d80a5247866cf40fc8cb82b779663d01cc33cf9f06f8460a0be1ee4cae250

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 3:30:34 PM UTC  (today)

File size:
1.1 MB (1,138,712 bytes)

Product version:
1.0.0.0

Copyright:
小熊天气

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
Shanghai Digital Century Network Co.,Ltd.

Authority:
VeriSign, Inc.

Valid from:
6/14/2013 9:00:00 AM

Valid to:
6/15/2014 8:59:59 AM

Subject:
CN="Shanghai Digital Century Network Co.,Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Shanghai Digital Century Network Co.,Ltd.", L=Shanghai, S=Shanghai, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7A9614A6E69B814BF05CB1C6A3F266EE

File PE Metadata
Compilation timestamp:
1/3/2014 12:55:49 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
24576:/sYqLwoZraPahozzpY3K4VMkcxerCtVYuhINZcNsqy4mEsEWry5h4uF:L8wo9aP2onmDVMBQ0SsRNUXEv5SuF

Entry address:
0x7F364

Entry point:
B8, 20, DA, 66, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 53, 46, 0C, 75, 16, 3E, C5, FF, 0F, 02, 76, 66, 8B, CF, 8C, 92, F9, EF, 0B, 97, 14, DD, 30, 6E, 2A, 25, E3, 24, EE, E5, 86, 82, 51, B8, CC, 5C, 45, 9C, 95, F3, 38, 10, 91, F4, ED, 00, E6, FE, 31, 51, BC, 32, 89, B6, 0C, E2, 69, C8, 37, 45, 4D, 44, 0E, F7, 10, C3, 5D, 80, 92, B3, 70, F6, 2E, 3D, 55, 3D, B1, D7, 95, 0D, 53, A3, 3D, 5E, 64, 79, 77, E0, AD, BF, 56, 0A, E9...
 
[+]

Entropy:
7.9567

Packer / compiler:
PECompact v2

Code size:
628 KB (643,072 bytes)

Scan iweather.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.