jingling.exe

流量精灵

Rice Electronics Co.,Ltd

The application jingling.exe by Rice Electronics Co.,Ltd has been detected as a potentially unwanted program by 13 anti-malware scanners.
Publisher:
精灵软件  (signed by Rice Electronics Co.,Ltd)

Product:
流量精灵

Version:
2012.9.21.93

MD5:
d228488d8134ac5b3a53871a7fe6abf2

SHA-1:
4d324a97df428e6b918100c90ec92d5b904a412f

Scanner detections:
13 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 2:45:18 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Riskware.FlowSpirit
7.1.1

AhnLab V3 Security
Trojan/Win32.Clicker
2014.08.05

Avira AntiVirus
TR/Agent.638976.64
7.11.146.40

Bkav FE
W32.Clodc75.Trojan
1.3.0.4959

Dr.Web
Trojan.DownLoader8.23186
9.0.1.05

ESET NOD32
Win32/FlowSpirit (variant)
10.10204

Fortinet FortiGate
Riskware/FlowSpirit
1/5/2016

IKARUS anti.virus
Trojan.Agent
t3scan.1.6.1.0

McAfee
Artemis!FD931156E76E
5600.6529

NANO AntiVirus
Trojan.Win32.FlowSpirit.cofomv
0.28.0.59608

Qihoo 360 Security
Win32/Trojan.Adware.37e
1.0.0.1015

Rising Antivirus
PE:Trojan.Win32.Generic.14E0B5F3!350270963
23.00.65.16103

Sophos
Mal/Generic-S
4.98

File size:
623.9 KB (638,896 bytes)

Product version:
3.4.5.4

Copyright:
Copyright 2012 Spiritsoft All Rights Reserved.

Original file name:
jingling.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (PRC)

Common path:
C:\Documents and Settings\{user}\My documents\my pictures\siwei\software\jingling_269344\jingling.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
11/4/2011 8:00:00 AM

Valid to:
11/4/2012 7:59:59 AM

Subject:
CN="Rice Electronics Co.,Ltd", OU=VTN Support, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Rice Electronics Co.,Ltd", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2AFDF409C5B747EF1F1BA5905A0DD798

File PE Metadata
Compilation timestamp:
9/21/2012 2:26:45 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:gJRLr1UoI2H47p7tFo/jF5J1Rg/JGudWdjbwXMdl8k55TB4Nz+fY3wkfMFe:gJcoI2H497I/jnRg/Uj/+k55T2970c

Entry address:
0x49A98

Entry point:
E8, 0C, BC, 00, 00, E9, 17, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8D, 42, FF, 5B, C3, 8D, A4, 24, 00, 00, 00, 00, 8D, 64, 24, 00, 33, C0, 8A, 44, 24, 08, 53, 8B, D8, C1, E0, 08, 8B, 54, 24, 08, F7, C2, 03, 00, 00, 00, 74, 15, 8A, 0A, 83, C2, 01, 3A, CB, 74, CF, 84, C9, 74, 51, F7, C2, 03, 00, 00, 00, 75, EB, 0B, D8, 57, 8B, C3, C1, E3, 10, 56, 0B, D8, 8B, 0A, BF, FF, FE, FE, 7E, 8B, C1, 8B, F7, 33, CB, 03, F0, 03, F9, 83, F1, FF, 83, F0, FF, 33, CF, 33, C6, 83, C2, 04, 81, E1...
 
[+]

Entropy:
6.5557

Code size:
422.5 KB (432,640 bytes)

Windows Firewall Allowed Program
Name:
D:\Documents and Settings\User\My Documents\My Pictures\siwei\software\jingling_269344\jingling.exe


Remove jingling.exe - Powered by Reason Core Security