home

mousekeyimitative.exe

MouseKeyImitative Module

广州华多网络科技有限公司

Publisher:
广州华多网络科技有限公司  (signed and verified)

Product:
MouseKeyImitative Module

Description:
多玩鼠标、键盘连点器

Version:
1, 1, 0, 2

MD5:
e215c1b3fb6ea736b8093b8e8be54fe6

SHA-1:
b95b20b30a0ec204c0d26866591853af28ffa488

SHA-256:
cea2d7764355495bdae03a0ecd27f56694f23098be8ca2c53c13bfde958953e1

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/28/2024 12:27:59 AM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V1230
7.2.269

File size:
105.7 KB (108,200 bytes)

Product version:
1, 1, 0, 2

Copyright:
Copyright 2010

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
广州华多网络科技有限公司

Authority:
WoSign, Inc.

Valid from:
11/15/2010 8:00:00 AM

Valid to:
11/16/2011 7:59:59 AM

Subject:
CN=广州华多网络科技有限公司, OU=WoSign Class 3 Code Signing, O=广州华多网络科技有限公司, L=广州市, S=广东省, C=CN

Issuer:
CN=WoSign Code Signing Authority, O="WoSign, Inc.", C=US

Serial number:
009FC86EC54D6FBF2DD5F77F2B38ADC2BB

File PE Metadata
Compilation timestamp:
12/20/2010 9:37:15 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:X07U+tXmL78hjDlOGwF3f/GfieEout1bW7:X8UJ8h3lOGO3GKeEoS1q

Entry address:
0x401E0

Entry point:
60, BE, 00, 00, 43, 00, 8D, BE, 00, 10, FD, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 12, EC, 03, 00, 57, 83, C3, 04, 53, 68, D2, 01, 01, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 
[+]

Entropy:
7.2945

Code size:
68 KB (69,632 bytes)

Scan mousekeyimitative.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.