home

shuamesetup_3.6.0.195.exe

刷机精灵-安装程序

深圳瓶子科技有限公司

This is a setup program which is used to install the application. The file has been seen being downloaded from dl.shuame.com.
Publisher:
深圳瓶子科技有限公司

Product:
刷机精灵-安装程序

Description:
刷机精灵

Version:
3.6.0.195

MD5:
5c8ea495fa3e0a0db6f8341f3d35780f

SHA-1:
3b4d2bd5ce0a5c7814530a80407d82748a90ea04

SHA-256:
7687e970ae84e801efe0203556019e13af4c15093d383004734a588953b37567

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 10:00:53 AM UTC  (today)

File size:
39.7 MB (41,628,736 bytes)

Product version:
3.6.0.195

Copyright:
Copyright (C) 2011 BottleTech. All Rights Reserved.

Original file name:
Shuame.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, China)

Common path:
C:\users\{user}\downloads\shuamesetup_3.6.0.195.exe

File PE Metadata
OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
786432:i4rgUZXOh+wBzraxg+7GmO6vJihOvlWh9b4UtbmKFuMkgoE5E:VhZXO7B4Lv9WLblm2uMkgX5E

Entry address:
0xEAB85

Entry point:
BD, 61, 74, C2, 38, 85, F7, 81, C7, 54, 9E, 44, C3, F7, C2, 2C, D9, 0F, 70, 69, D9, 57, 2E, 92, 1D, 42, F3, B6, DD, 73, 05, FF, C0, 80, D4, DE, E8, 1B, 00, 00, 00, 8D, 3D, 98, 6C, A6, AD, 0F, AF, FF, 0F, B6, F5, 74, 07, 80, FF, C6, FF, C7, 87, DE, 81, FA, 61, B2, 00, 00, 0C, 45, C7, C7, D1, 96, 08, AF, 00, E9, 32, ED, F7, C7, DC, 6D, A9, DC, 89, C2, 3B, F3, 59, 86, FC, 69, C0, 08, D2, 1E, CC, 32, E3, 84, FC, F7, C1, BE, D7, 5B, F0, F7, C2, 4E, 38, FE, B6, F2, 81, E2, 25, 40, 4C, 01, 1D, 5C, 5E, 91, B3, F2...
 
[+]

Entropy:
7.9951  (probably packed)

Code size:
1.1 MB (1,124,352 bytes)

The file shuamesetup_3.6.0.195.exe has been seen being distributed by the following URL.

http://dl.shuame.com/files/3.6.0.195/.../ShuameSetup_3.6.0.195.exe

Scan shuamesetup_3.6.0.195.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.