mininews.exe

上海骏梦网络科技有限公司

Publisher:
上海骏梦网络科技有限公司  (signed and verified)

MD5:
b1d627481fd3e758c354f2d13d9effd4

SHA-1:
c5592868214c4c71ef378621eed53c4b8e79d098

SHA-256:
a37b155df0b9ed0aee22a1b9c3cb735cedb6e41d4235fd6bf25a682e5c7c263a

Scanner detections:
11 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/24/2024 12:40:05 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | Packed/NSPack | 7.1.1 |
| AVG | nspack | 2016.0.2990 |
| Comodo Security | TrojWare.Win32.Trojan.NSPM.~gen | 22413 |
| Fortinet FortiGate | Generik.GRSZAUD!tr | 9/11/2015 |
| F-Prot | W32/Heuristic-210 | v6.4.7.1.166 |
| K7 AntiVirus | Trojan | 13.204.16207 |
| McAfee | Artemis!B1D627481FD3 | 5600.6646 |
| Sophos | Mal/Packer | 4.98 |
| Trend Micro House Call | TROJ_GEN.R02SC0EKN14 | 7.2.254 |
| Trend Micro | TROJ_GEN.R02SC0EKN14 | 10.465.11 |
| VIPRE Antivirus | Packer.NSAnti.Gen | 41026 |

File size:
144.3 KB (147,784 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\gm\xianjian\mininews.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
7/23/2013 5:54:40 PM

Valid to:
7/23/2016 5:54:40 PM

Subject:
CN=上海骏梦网络科技有限公司, OU=商务部, O=上海骏梦网络科技有限公司, L=上海, S=上海, C=CN

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121E91DECC1A1D4F1F9EFD938A9AE91EB19

File PE Metadata
Compilation timestamp:
9/12/2013 2:12:34 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:mfslXxODn9xhD+pwTFpzdcUMEJZzUo2z3mYu5bRJTqm8rNW2Z:j9gDfhKpUF7cUMkZYo2TmDZRJME2Z

Entry address:
0x7E7E7

Entry point:
9C, 60, E8, 00, 00, 00, 00, 5D, 83, ED, 07, 8D, 8D, BD, FD, FF, FF, 80, 39, 01, 0F, 84, 42, 02, 00, 00, C6, 01, 01, 8B, C5, 2B, 85, 51, FD, FF, FF, 89, 85, 51, FD, FF, FF, 01, 85, 81, FD, FF, FF, 8D, B5, C5, FD, FF, FF, 01, 06, 55, 56, 6A, 40, 68, 00, 10, 00, 00, 68, 00, 10, 00, 00, 6A, 00, FF, 95, F9, FD, FF, FF, 85, C0, 0F, 84, 69, 03, 00, 00, 89, 85, 79, FD, FF, FF, E8, 00, 00, 00, 00, 5B, B9, 67, 03, 00, 00, 03, D9, 50, 53, E8, B0, 02, 00, 00, 5E, 5D, 8B, 36, 8B, FD, 03, BD, 41, FD, FF, FF, 8B, DF, 83...
 
Entropy:
7.8323

Packer / compiler:
NsPacK V3.7

Scan mininews.exe - Powered by Reason Core Security