» sbyinshi.exe
Overview
Analysis
File Details

sbyinshi.exe

速播视频

刘诗诗

File name:

sbyinshi.exe

Publisher:

周继仁 (signed by 刘诗诗)

Product:

速播视频

Version:

1.0.0.37

MD5:

bbd91528c32d33b2b4a6556b74608136

SHA-1:

44fe8391947eccde03f09009220d0b70afa41374

SHA-256:

a56caeb69d7762527082ba62440c56df8fec8f7e6b12eb4797da4a8ee1ddf39e

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

11/23/2024 11:51:53 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Trend Micro House Call

Suspicious_GEN.F47V0115

7.2.99

File size:

1.7 MB (1,761,968 bytes)

Product version:

1.0.0.0

Original file name:

速播视频

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\sb_20141202\sbyinshi.exe

Digital Signature

Signed by:

刘诗诗

Authority:

WoSign CA Limited

Valid from:

6/11/2014 4:48:01 PM

Valid to:

6/11/2015 4:48:01 PM

Subject:

CN=刘诗诗, E=5011net@sina.com, L=常山县, S=浙江省, C=CN

Issuer:

CN=WoSign Class 2 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:

05767A56D82D3A4015513D7E7534F5F1

File PE Metadata

Compilation timestamp:

11/30/2014 6:42:16 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:wTvO9NM0TU1ixpsLB4SJGzx37iZ+DQUl0WHLlfxzSa9XC9wZXxs5ZTLbMlcguDXI:Mgy6SKx37iZKLzSSNhkTXMlcrDXI

Entry address:

0x14D2C4

Entry point:

55, 8B, EC, 83, C4, E8, 53, 33, C0, 89, 45, EC, 89, 45, E8, B8, 94, 47, 54, 00, E8, F7, D1, EB, FF, 33, C0, 55, 68, A3, D3, 54, 00, 64, FF, 30, 64, 89, 20, 8D, 55, E8, B8, 01, 00, 00, 00, E8, 5C, 73, EB, FF, 8B, 4D, E8, 8D, 45, EC, BA, BC, D3, 54, 00, E8, D8, 9B, EB, FF, 8B, 45, EC, E8, 88, 97, EB, FF, 50, 6A, FF, 6A, 00, E8, 1E, DF, EB, FF, 8B, D8, E8, 1F, E0, EB, FF, 3D, B7, 00, 00, 00, 74, 5A, A1, 24, 67, 55, 00, 8B, 00, E8, BC, 85, F6, FF, A1, 24, 67, 55, 00, 8B, 00, B2, 01, E8, C6, A1, F6, FF, A1, 24... 
[+]

Entropy:

6.7128

Developed / compiled with:

Microsoft Visual C++

Code size:

1.3 MB (1,360,384 bytes)

Scan sbyinshi.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.