MBManager.exe

Shanghai Dragon Habitat Network Information Technology Co., Ltd.

The application MBManager.exe by Shanghai Dragon Habitat Network Information Technology Co. has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
www.guangsu.cn  (signed by Shanghai Dragon Habitat Network Information Technology Co., Ltd.)

Description:
Input method dictionary tool

Version:
2, 5, 0, 0

MD5:
471fbebc2f3a14483d7e3d71112fa19d

SHA-1:
140fc89ca5e9158a8e49910f4db489bc041f2a3a

SHA-256:
66c803bd14af6fd317535dce17035c804146ba2eb4e73d67728b1cd0858f32dc

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
12/29/2024 12:36:58 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
16.11.17.12

File size:
1.1 MB (1,191,104 bytes)

Product version:
2, 5, 0, 0

Copyright:
Copyright (C) 2013

Original file name:
MBManager.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, China)

Common path:
C:\Program Files\gssoft\gswb\mbmanager.exe

Digital Signature
Authority:
WoSign eCommerce Services Limited

Valid from:
8/28/2012 2:03:24 AM

Valid to:
8/30/2013 7:41:29 AM

Subject:
E=shxiaohei@vip.qq.com, CN="Shanghai Dragon Habitat Network Information Technology Co., Ltd.", O="Shanghai Dragon Habitat Network Information Technology Co., Ltd.", L=Shanghai, S=Shanghai, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
060E3CD0F5C7EE

File PE Metadata
Compilation timestamp:
3/25/2013 11:20:06 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:zWtrtQjNpK7ZcG72RTdzeEaitar4iABOpCfY81f1UyHr28kVZoULiVukAPjA4sTr:zMkDTdXXfY81f1UykVZquUzfZ3r

Entry address:
0x622F7

Entry point:
E8, 4F, 7C, 00, 00, E9, 17, FE, FF, FF, 55, 8B, EC, 56, 8B, 75, 14, 57, 33, FF, 3B, F7, 75, 04, 33, C0, EB, 65, 39, 7D, 08, 75, 1B, E8, 08, 40, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, 54, 20, 00, 00, 83, C4, 14, 8B, C6, EB, 45, 39, 7D, 10, 74, 16, 39, 75, 0C, 72, 11, 56, FF, 75, 10, FF, 75, 08, E8, 47, 26, 00, 00, 83, C4, 0C, EB, C1, FF, 75, 0C, 57, FF, 75, 08, E8, A6, 1E, 00, 00, 83, C4, 0C, 39, 7D, 10, 74, B6, 39, 75, 0C, 73, 0E, E8, B9, 3F, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, AD, 6A, 16...

Entropy:
6.6430

Code size:
520 KB (532,480 bytes)
