home

SupperMan.exe

zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz

ZHANG YUAN YUAN

The file SupperMan.exe by ZHANG YUAN YUAN has been detected as a potentially unwanted program by 9 anti-malware scanners.
Publisher:
TODO: <公司名>  (signed by ZHANG YUAN YUAN)

Product:
zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz

Description:
TODO: <文件说明>

Version:
1.0.0.3

MD5:
ccede50daa7e1013cbdd214b03569d5c

SHA-1:
d8dab11a64fe661de6ddc76f9aa7aaaea0cf9368

SHA-256:
a74e56c67f8ce5c5935effc1ad1918c23a132fee540605418c3072f91ea89774

Scanner detections:
9 / 68

Status:
Potentially unwanted

Analysis date:
12/27/2024 7:42:19 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Generic
2016.0.2903

Comodo Security
Application.Win32.Elex.~AGK
23683

ESET NOD32
Win32/ELEX.GD potentially unwanted application
7.0.302.0

K7 AntiVirus
Adware
13.212.18003

Malwarebytes
PUP.Optional.Elex
v2015.12.07.05

McAfee
Program.Artemis!CCEDE50DAA7E
18.0.204.0

Sophos
PUA 'Elex' (of type Adware)
5.21

VIPRE Antivirus
Threat.4150696
45588

Zillya! Antivirus
Adware.SoftPulse.Win32.1290
2.0.0.2538

File size:
203.1 KB (207,992 bytes)

Product version:
1.0.0.3

Copyright:
Copyright (C) 2015

Original file name:
SupperMan.exe

Language:
Chinese (Simplified, China)

Common path:
C:\users\{user}\appdata\local\temp\_@680f.tmp

Digital Signature
Signed by:
ZHANG YUAN YUAN

Authority:
COMODO CA Limited

Valid from:
9/29/2015 1:00:00 AM

Valid to:
9/24/2016 12:59:59 AM

Subject:
CN=ZHANG YUAN YUAN, O=ZHANG YUAN YUAN, POBox=122400, STREET=NO. 202 UNIT 7 DUZHEN VILLAGE SHAHAI COUNTY, L=JIANPING, S=LIAONING, PostalCode=122400, C=CN

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00B87B078BE84D131E1E0AD44200A7F755

File PE Metadata
Compilation timestamp:
9/28/2015 3:14:29 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:nTX1tpVPkB8iQVrlZZ+qaFBRDguU41g9Nbcg:HM+iQrZZyj3aNbF

Entry address:
0xE5D5

Entry point:
E8, 11, 4B, 00, 00, E9, 7F, FE, FF, FF, CC, 8B, 44, 24, 0C, 53, 85, C0, 74, 52, 8B, 54, 24, 08, 33, DB, 8A, 5C, 24, 0C, F7, C2, 03, 00, 00, 00, 74, 16, 8A, 0A, 83, C2, 01, 32, CB, 74, 72, 83, E8, 01, 74, 32, F7, C2, 03, 00, 00, 00, 75, EA, 83, E8, 04, 72, 12, 57, 8B, FB, C1, E3, 08, 03, DF, 8B, FB, C1, E3, 10, 03, DF, EB, 1B, 5F, 83, C0, 04, 74, 0E, 8A, 0A, 83, C2, 01, 32, CB, 74, 40, 83, E8, 01, 75, F2, 5B, C3, 83, E8, 04, 72, E5, 8B, 0A, 33, CB, BF, FF, FE, FE, 7E, 03, F9, 83, F1, FF, 33, CF, 83, C2, 04...
 
[+]

Entropy:
5.7252

Code size:
105.5 KB (108,032 bytes)

Remove SupperMan.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.