home

malware82

CrystalDiskInfo

Meicun Ge

The file malware82 has been detected as malware by 6 anti-virus scanners.
Publisher:
Crystal Dew World  (signed by Meicun Ge)

Product:
CrystalDiskInfo

Version:
6.2.0.2014

MD5:
a7e194ee0907a36f9f68141b9b66b507

SHA-1:
1f02e5b1a65bdbefa856995948264a31ba604d1a

SHA-256:
858c3adc463a631cc51426ed45b4ced9f19828f0ac9d10dda8962fb79bc712f9

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
12/5/2024 12:39:17 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Generic_r
2016.0.3051

Dr.Web
Trojan.Packed.197
9.0.1.0192

ESET NOD32
Win32/Agent.RHL (variant)
9.11920

Microsoft Security Essentials
Trojan:Win32/Hitbrovi!dha
1.1.11804.0

Sophos
Mal/Agent-ARC
4.98

VIPRE Antivirus
Trojan.Win32.Generic.pak!cobra
41880

File size:
362.2 KB (370,904 bytes)

Product version:
6.2.0.2014

Copyright:
Copyright (C) 2008-2014 hiyohiyo. All rights reserved.

Language:
Language Neutral

Digital Signature
Signed by:
Meicun Ge

Authority:
Unizeto Technologies S.A.

Valid from:
9/8/2014 9:49:43 AM

Valid to:
9/8/2015 9:49:43 AM

Subject:
E=meicunge@gmail.com, CN="Open Source Developer, meicun ge", O=Meicun Ge, C=CN

Issuer:
CN=Certum Level III CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
4FC13D6220C629043A26F81B1CAD72D8

File PE Metadata
Compilation timestamp:
12/12/2014 1:39:19 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:N6USdW7WZC+PDrKv5jxlVSNgSFwgPAydJkW+qJqlXoxRhwkSa1Wizqp:NEM7WQ+PqffFmwgPVdj+qUoPEawiG

Entry address:
0x91415

Entry point:
E8, 51, B7, FF, FF, 8D, 64, 24, 0C, E8, 99, 09, FE, FF, 68, 79, A7, 83, F0, 9C, 60, E9, D9, 04, FE, FF, 3F, 8D, 64, 01, F3, 46, E5, 32, 1B, C9, 6D, 55, 48, 3E, D7, 25, 35, ED, BF, 03, 79, F5, C6, 0E, E2, 15, D7, BD, CC, D2, 57, 55, 68, 16, 1F, B5, 35, E7, 12, 48, C5, 73, DE, 2C, C9, E7, 5A, 51, E0, CE, 08, A0, 62, 96, EB, 70, 0E, 96, 1E, C5, E1, 19, 30, 2E, A3, A8, 04, A2, A0, 6B, 4E, 56, 3B, 55, 32, 96, F8, 94, 27, 0C, 7E, BD, 1E, DD, 35, 9A, E2, 41, 82, 26, 47, F5, F3, F6, A0, 7A, A1, C4, 1B, 82, 68, 96...
 
[+]

Code size:
187 KB (191,488 bytes)

Remove malware82 - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.