setup_5162.exe

BYYD安装 (BYYD Installation)

GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD.

The application setup_5162.exe by GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD has been detected as a potentially unwanted program by 21 anti-malware scanners.
Product:
BYYD安装 (BYYD Installation)

Description:
BYYD安装 (BYYD Installation)

Version:
1.14.12.8

MD5:
b7686a05b3fc455365d7fc60408f5e07

SHA-1:
e4b1ca6597b3fd09d45b74032a6d776745c8b5e9

SHA-256:
0a0e99cc2268bffd728eab88aac9cf2954baf5719968fc886949677574951226

Scanner detections:
21 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 9:38:08 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Strictor.72872 | 54 |
| Agnitum Outpost | Riskware.Agent | 7.1.1 |
| Avira AntiVirus | TR/wuji.704096 | 7.11.201.132 |
| Bitdefender | Gen:Variant.Strictor.72872 | 1.0.20.1735 |
| Comodo Security | UnclassifiedMalware | 20715 |
| Dr.Web | DLOADER.Trojan | 9.0.1.0347 |
| Emsisoft Anti-Malware | Gen:Variant.Strictor.72872 | 8.16.12.12.11 |
| ESET NOD32 | Win32/WuJi (variant) | 10.11017 |
| Fortinet FortiGate | Riskware/WuJi | 12/12/2016 |
| F-Secure | Gen:Variant.Strictor.72872 | 11.2016-12-12_2 |
| G Data | Gen:Variant.Strictor.72872 | 16.12.24 |
| IKARUS anti.virus | Trojan.Msil | t3scan.1.8.6.0 |
| K7 AntiVirus | Trojan | 13.191.14649 |
| McAfee | PUP-FNT | 5600.6188 |
| MicroWorld eScan | Gen:Variant.Strictor.72872 | 17.0.0.1041 |
| NANO AntiVirus | Trojan.Win32.Wuji.dljfrf | 0.30.0.64448 |
| Sophos | Generic PUA OE | 4.98 |
| Trend Micro House Call | TROJ_GEN.F0C2C00A215 | 7.2.347 |
| Trend Micro | TROJ_GEN.F0C2C00A215 | 10.465.12 |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 3.12.26.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 36674 |

File size:
5.5 MB (5,719,624 bytes)

Product version:
1.14.12.8

Copyright:
Copyright (C) 2014

Original file name:
Setup.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\setup_5162.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
4/14/2014 8:00:00 AM

Valid to:
4/15/2015 7:59:59 AM

Subject:
CN="GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD.", O="GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD.", L=Nanning, S=Guangxi, C=CN

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
2BAC93FD3FE5B005036AD0D4C873C6E5

File PE Metadata
Compilation timestamp:
12/8/2014 4:03:40 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x31C38

Entry point:
E8, 15, 8D, 00, 00, E9, 89, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 56, 33, C0, 50, 50, 50, 50, 50, 50, 50, 50, 8B, 55, 0C, 8D, 49, 00, 8A, 02, 0A, C0, 74, 09, 83, C2, 01, 0F, AB, 04, 24, EB, F1, 8B, 75, 08, 8B, FF, 8A, 06, 0A, C0, 74, 0C, 83, C6, 01, 0F, A3, 04, 24, 73, F1, 8D, 46, FF, 83, C4, 20, 5E, C9, C3, 6A, 14, 68, A8, B6, 45, 00, E8, 64, 3C, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45...
Entropy:
7.9474  (probably packed)

Code size:
318 KB (325,632 bytes)
