mininews.exe

上海骏梦网络科技有限公司

The executable mininews.exe has been detected as malware by 9 anti-virus scanners.
Publisher:
上海骏梦网络科技有限公司  (signed and verified)

MD5:
decf617356b6dd90d93b2e3068ae757e

SHA-1:
8969dfcb9e907cabb43220857527c2c6e68c4595

SHA-256:
303b3e046cf8558692188e2e55b07207c13f407ee3cea694da7d6d7243b5543c

Scanner detections:
9 / 68

Status:
Malware

Analysis date:
11/28/2024 5:55:21 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/NSPack
7.1.1

AVG
nspack
2017.0.2805

Comodo Security
TrojWare.Win32.Trojan.NSPM.~gen
23774

F-Prot
W32/Heuristic-210
v6.4.7.1.166

K7 AntiVirus
Trojan
13.212.18116

Malwarebytes
Trojan.MalPack.Generic
v2016.03.14.11

Total Defense
Win32/Tnega.BDEYBDD
37.1.62.1

Trend Micro
TROJ_GEN.R03EC0RKI15
10.465.14

VIPRE Antivirus
Packer.NSAnti.Gen
45872

File size:
144.2 KB (147,616 bytes)

File type:
Executable application (Win32 EXE)

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
7/23/2013 5:54:40 PM

Valid to:
7/23/2016 5:54:40 PM

Subject:
CN=上海骏梦网络科技有限公司, OU=商务部, O=上海骏梦网络科技有限公司, L=上海, S=上海, C=CN

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121E91DECC1A1D4F1F9EFD938A9AE91EB19

File PE Metadata
Compilation timestamp:
8/26/2013 3:23:20 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:XHfslhdp+3N2oRl2uufRt1TStI8W2a5SgBi:k7Jo6xR7Stc2+U

Entry address:
0x7D7E5

Entry point:
9C, 60, E8, 00, 00, 00, 00, 5D, 83, ED, 07, 8D, 8D, BF, FD, FF, FF, 80, 39, 01, 0F, 84, 42, 02, 00, 00, C6, 01, 01, 8B, C5, 2B, 85, 53, FD, FF, FF, 89, 85, 53, FD, FF, FF, 01, 85, 83, FD, FF, FF, 8D, B5, C7, FD, FF, FF, 01, 06, 55, 56, 6A, 40, 68, 00, 10, 00, 00, 68, 00, 10, 00, 00, 6A, 00, FF, 95, FB, FD, FF, FF, 85, C0, 0F, 84, 69, 03, 00, 00, 89, 85, 7B, FD, FF, FF, E8, 00, 00, 00, 00, 5B, B9, 67, 03, 00, 00, 03, D9, 50, 53, E8, B0, 02, 00, 00, 5E, 5D, 8B, 36, 8B, FD, 03, BD, 43, FD, FF, FF, 8B, DF, 83...
 
[+]

Entropy:
7.8322

Packer / compiler:
NsPacK V3.7

Remove mininews.exe - Powered by Reason Core Security