home

taigjbreak_en_224_5174_v.exe

北京悠然天地科技有限公司

This is a setup program which is used to install the application. The file has been seen being downloaded from res.taig.com.
Publisher:
taig tools  (signed by 北京悠然天地科技有限公司)

Product:
taig tools

Description:
taig tools(5186)

Version:
2.4.4.0

MD5:
9ca9a7daba468ba58d67cd9f58fbd947

SHA-1:
499381a133b89f052197af5a48d977967670b43d

SHA-256:
08d180653cf2f73440b0a411e39f98ecc1be2702f87ee01505269f46822164cb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 7:14:51 PM UTC  (today)

File size:
67.5 MB (70,757,384 bytes)

Product version:
2.4.4.0

Copyright:
Copyright (C) 2015

Original file name:
taig tools

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\programs\taigjbreak_en_224_5174_v.exe

Digital Signature
Signed by:
北京悠然天地科技有限公司

Authority:
GlobalSign nv-sa

Valid from:
1/6/2015 1:24:34 PM

Valid to:
1/7/2016 1:24:34 PM

Subject:
CN=北京悠然天地科技有限公司, O=北京悠然天地科技有限公司, L=北京, S=北京, C=CN

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121995FF374E7AC48800B98E7E07A4A03C7

File PE Metadata
Compilation timestamp:
11/24/2015 12:57:11 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1572864:+qeo5sf6IoUCafYUnLkwLUUnjpPQ9ODmWikaMgR/oPR4k:y+LUCawUnLkwLl5rrMd0l

Entry address:
0x86C372A

Entry point:
EB, 08, B9, AA, 01, 00, 00, 00, 00, 00, E9, 30, E8, DD, FB, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9993  (probably packed)

Code size:
67.1 MB (70,354,944 bytes)

The file taigjbreak_en_224_5174_v.exe has been seen being distributed by the following URL.

http://res.taig.com/.../TaiGJBreak_EN_224_5174_v.exe

Scan taigjbreak_en_224_5174_v.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.