home

TCAdaptorChrm.exe

口水党Native Message模块

上海班如信息技术有限公司

Publisher:
koushuidang.cn  (signed by 上海班如信息技术有限公司)

Product:
口水党Native Message模块

Version:
1.1.2.3

MD5:
cb729bf8a5fe344ea990c33debbf06a2

SHA-1:
e8668cca1eb8a66a1f202265415dd08810eb7b87

SHA-256:
3d539dfd26ad3d985b8d59b537c25a4675bd1c5fc8cb4f4671e85fc0c05603d0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/13/2025 5:39:21 PM UTC  (today)

File size:
857.1 KB (877,648 bytes)

Product version:
1.1.2.3

Copyright:
Copyright(C) 2011-2016 KouShuiDang Network Technology Co. Ltd.

Original file name:
TCAdaptorChrm.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\tucao\1.1.2.3\natmsg\tcadaptorchrm.exe

Digital Signature
Signed by:
上海班如信息技术有限公司

Authority:
WoSign CA Limited

Valid from:
11/24/2015 4:45:44 PM

Valid to:
11/24/2016 4:45:44 PM

Subject:
CN=上海班如信息技术有限公司, O=上海班如信息技术有限公司, L=上海市, S=上海市, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
49A6C00A8DACA553282605EFEA11833D

File PE Metadata
Compilation timestamp:
8/24/2016 8:16:51 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

Entry address:
0x70AD6

Entry point:
E8, 8D, 87, 00, 00, E9, 7B, FE, FF, FF, 55, 8B, EC, 5D, E9, FD, E7, FF, FF, 55, 8B, EC, 83, 3D, 5C, 26, 4C, 00, 00, 75, 75, 8B, 55, 08, 85, D2, 75, 17, E8, FA, 0F, 00, 00, C7, 00, 16, 00, 00, 00, E8, 9A, 38, 00, 00, B8, FF, FF, FF, 7F, 5D, C3, 8B, 4D, 0C, 85, C9, 74, E2, 53, 56, 57, 6A, 41, 5F, 6A, 5A, 2B, D1, 5B, 0F, B7, 04, 0A, 66, 3B, C7, 72, 0D, 66, 3B, C3, 77, 08, 83, C0, 20, 0F, B7, F0, EB, 02, 8B, F0, 0F, B7, 01, 66, 3B, C7, 72, 0B, 66, 3B, C3, 77, 06, 83, C0, 20, 0F, B7, C0, 83, C1, 02, 66, 85, F6...
 
[+]

Entropy:
6.0466

Code size:
645 KB (660,480 bytes)

Scan TCAdaptorChrm.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.