» pocket_test_ndl.exe
Overview
Analysis
File Details

pocket_test_ndl.exe

AddonIns

Liang Zhiyong

File name:

pocket_test_ndl.exe

Publisher:

ESOffers Network (signed by Liang Zhiyong)

Product:

AddonIns

Version:

1.0.0.5

MD5:

679f8434677b6d87f23d4a55db088c61

SHA-1:

c7bf70fc393c90dcce2531ee1be0269d7666b735

SHA-256:

90f42ee70f01cd7c16d0cb4f3c85f826b3f3d56cdacd0c03fb2a2d15a1ac8bcb

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

12/29/2024 8:09:47 AM UTC (today)

File size:

647.7 KB (663,240 bytes)

Product version:

1.0.0.5

Original file name:

AddonIns.exe

File type:

Executable application (Win32 EXE)

Language:

Chinese (Simplified, PRC)

Common path:

C:\Program Files\pocket\pocket_test_ndl.exe

Digital Signature

Signed by:

Liang Zhiyong

Authority:

WoSign CA Limited

Valid from:

11/2/2015 12:40:51 AM

Valid to:

11/2/2016 1:40:51 AM

Subject:

CN=Liang Zhiyong, L=Baoding, S=Hebei, C=CN

Issuer:

CN=WoSign Class 2 Code Signing CA G2, O=WoSign CA Limited, C=CN

Serial number:

44D586BCED405BAA251DB49F6C9B7705

File PE Metadata

Compilation timestamp:

7/21/2016 5:10:30 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

12288:DaMy7etnUn+AB6pQvwO9MFqq/2gabUf7HQ8Sl2+bQLFYlFoUyi22Y:dy7eFAtB6mvoB/2xbr2+bQLCyiJY

Entry address:

0x2498B

Entry point:

E8, 0F, FF, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 8B, 55, 0C, A1, 10, 24, 49, 00, F7, D2, 8B, 4D, 08, 23, D0, 23, 4D, 0C, 0B, D1, 89, 15, 10, 24, 49, 00, 5D, C3, E8, 6C, 00, 01, 00, 85, C0, 74, 08, 6A, 16, E8, 8A, 00, 01, 00, 59, F6, 05, 10, 24, 49, 00, 02, 74, 21, 6A, 17, E8, AF, D6, 04, 00, 85, C0, 74, 05, 6A, 07, 59, CD, 29, 6A, 01, 68, 15, 00, 00, 40, 6A, 03, E8, FE, 82, 00, 00, 83, C4, 0C, 6A, 03, E8, 7F, 2F, 00, 00, CC, 55, 8B, EC, 83, EC, 20, 56, 57, 6A, 08, 59, BE, C8, B0, 47, 00, 8D, 7D, E0, F3... 
[+]

Code size:

475 KB (486,400 bytes)

Scan pocket_test_ndl.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.