home

myuser.exe

Jinnan Wu

The application myuser.exe by Jinnan Wu has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Jinnan Wu  (signed and verified)

MD5:
ed2caecbecd5d38229f139bf075df0e1

SHA-1:
10309bd7fe8707dac850351c351c767105767359

SHA-256:
bf51ba84dec9be2a37c792e59d56add06ffa72e8f8604c825885106b8760c7f1

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/27/2024 3:56:08 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Elex (M)
16.9.20.10

File size:
153.2 KB (156,848 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\tools\qksee\myuser.exe

Digital Signature
Signed by:
Jinnan Wu

Authority:
thawte, Inc.

Valid from:
9/18/2016 5:00:00 PM

Valid to:
1/17/2017 3:59:59 PM

Subject:
CN=Jinnan Wu, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
52064AE99FEB7C10A0A4F51CF527B2FC

File PE Metadata
Compilation timestamp:
9/19/2016 6:55:46 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
1536:S8jV1BiCz3/P5BPlPpXdfJNXpvMKsAWGkQusuPXkXR0crMs8jcde6FKx+a1uKw:jd35xlPpdRLcApkrXIJeuQ+a1uKw

Entry address:
0x3638

Entry point:
E8, 70, 37, 00, 00, E9, 39, FE, FF, FF, 6A, 03, E8, 24, 37, 00, 00, 59, 83, F8, 01, 74, 15, 6A, 03, E8, 17, 37, 00, 00, 59, 85, C0, 75, 1F, 83, 3D, F0, 50, 42, 00, 01, 75, 16, 68, FC, 00, 00, 00, E8, 31, 00, 00, 00, 68, FF, 00, 00, 00, E8, 27, 00, 00, 00, 59, 59, C3, 55, 8B, EC, 8B, 4D, 08, 33, C0, 3B, 0C, C5, 40, BC, 41, 00, 74, 0A, 40, 83, F8, 17, 72, F1, 33, C0, 5D, C3, 8B, 04, C5, 44, BC, 41, 00, 5D, C3, 55, 8B, EC, 81, EC, FC, 01, 00, 00, A1, F8, 40, 42, 00, 33, C5, 89, 45, FC, 56, 8B, 75, 08, 57, 56...
 
[+]

Code size:
100.5 KB (102,912 bytes)

Remove myuser.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.