home

qmzs_2.0.0.1096_guanwang.exe

全民助手

Beijing Funplay Interactive Information Technology Co., Ltd.

Publisher:
Beijing Funplay Interactive Information Technology Co., Ltd.

Product:
全民助手

Description:
全民助手安装包

Version:
2.0.0.1096

MD5:
3a65be69973b9b7e6c7b43db73b46d4c

SHA-1:
c0bf8db956127b21e9786eeda250334b3a2c7276

SHA-256:
d1534831f92039b09a4cb95afa7bbddd15441e16d374733ff8a6a062277998ae

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 6:43:42 AM UTC  (today)

File size:
2.8 MB (2,954,278 bytes)

Product version:
2.0.0.1096

Copyright:
Copyright (C) 2016

Original file name:
Installer

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\users\{user}\downloads\qmzs_2.0.0.1096_guanwang.exe

File PE Metadata
Compilation timestamp:
1/14/2016 12:45:06 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
49152:TyAtEWoeysn6HxBZTxEDhUkxtjfMiSxSSoMXg6iK8//:TPpys6HxWukxtjrSFw6s3

Entry address:
0xD82CA

Entry point:
E8, A9, 0B, 00, 00, E9, 80, FE, FF, FF, 6A, 10, 68, A8, DE, 53, 00, E8, 90, 09, 00, 00, 33, DB, 89, 5D, E0, 88, 5D, E7, 89, 5D, FC, 3B, 5D, 14, 74, 20, FF, 75, 0C, 8B, 4D, 18, E8, 47, 06, 00, 00, 8B, 4D, 08, FF, 55, 18, 8B, 45, 10, 01, 45, 08, 01, 45, 0C, 43, 89, 5D, E0, EB, DB, B0, 01, 88, 45, E7, C7, 45, FC, FE, FF, FF, FF, E8, 0E, 00, 00, 00, E8, 90, 09, 00, 00, C2, 18, 00, 8B, 5D, E0, 8A, 45, E7, 84, C0, 75, 0F, FF, 75, 1C, 53, FF, 75, 10, FF, 75, 08, E8, B8, F7, FF, FF, C3, CC, CC, CC, CC, CC, CC, CC...
 
[+]

Entropy:
7.5489

Code size:
1 MB (1,100,800 bytes)

The file qmzs_2.0.0.1096_guanwang.exe has been seen being distributed by the following URL.

http://cdn.qmzs.com/.../qmzs_2.0.0.1096_guanwang.exe

Scan qmzs_2.0.0.1096_guanwang.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.