home

launch.exe

ACTalk 2.0

Beijing Dashengzhixing Technology Co., Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘51talkac’.
Publisher:
Beijing Dashengzhixing Technology  (signed by Beijing Dashengzhixing Technology Co., Ltd.)

Product:
ACTalk 2.0

Description:
2.7.0.61

Version:
2.7.0.61

MD5:
31ac9b2f245fa266ff61959cf01fda82

SHA-1:
9d9b9a71c3e056f7e7f1950fa5c62d3c65e25827

SHA-256:
1d1f8cedb55ff8e8bebb48a8579fa1a495283d5d350896ba295d0ce2fe1495f6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/28/2024 6:49:34 PM UTC  (today)

File size:
213.5 KB (218,592 bytes)

Product version:
2.7.0.61

Copyright:
Copyright (c) Beijing Dashengzhixing Technology Co., Ltd.

Original file name:
ACLaunch.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\51talk\launch.exe

Digital Signature
Signed by:
Beijing Dashengzhixing Technology Co., Ltd.

Authority:
Symantec Corporation

Valid from:
1/11/2017 8:00:00 AM

Valid to:
2/8/2020 7:59:59 AM

Subject:
CN="Beijing Dashengzhixing Technology Co., Ltd.", O="Beijing Dashengzhixing Technology Co., Ltd.", L=北京, S=北京, C=CN

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
2A02E6DA00A14059E4FE992F8EDDAEC5

File PE Metadata
Compilation timestamp:
3/9/2017 4:57:15 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

Entry address:
0x2DF2

Entry point:
E8, A6, 3E, 00, 00, E9, 7F, FE, FF, FF, 56, 6A, 04, 6A, 20, E8, A0, 45, 00, 00, 59, 59, 8B, F0, 56, FF, 15, 94, B0, 40, 00, A3, 40, 3E, 41, 00, A3, 3C, 3E, 41, 00, 85, F6, 75, 05, 6A, 18, 58, 5E, C3, 83, 26, 00, 33, C0, 5E, C3, 6A, 0C, 68, 00, F9, 40, 00, E8, 49, 43, 00, 00, E8, C9, 34, 00, 00, 83, 65, FC, 00, FF, 75, 08, E8, 23, 00, 00, 00, 59, 8B, F0, 89, 75, E4, C7, 45, FC, FE, FF, FF, FF, E8, 0B, 00, 00, 00, 8B, C6, E8, 64, 43, 00, 00, C3, 8B, 75, E4, E8, A4, 34, 00, 00, C3, 55, 8B, EC, 51, 53, 56, 8B...
 
[+]

Entropy:
5.0168

Code size:
37 KB (37,888 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
51talkac

Command:
C:\Program Files\51talk\launch.exe


Scan launch.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.