TheWorld.exe

TheWorld

北京世界星辉科技有限责任公司

Publisher:
TheWorld.CN  (signed by 北京世界星辉科技有限责任公司)

Product:
TheWorld

Version:
6.1.0.134

MD5:
79cb6f154ed0968fadfff48a00032c8e

SHA-1:
caa83792541b9fc38e67f3ce8a31475856f7614f

SHA-256:
7cadd49cabdbf5212793866f347be8b6af6140c0342fd2cdb184faff855f631d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/24/2024 11:38:50 AM UTC  (today)

File size:
662.1 KB (678,040 bytes)

Product version:
6.1.0.134

Copyright:
Copyright@2004-2013 The TheWorld.CN Authors. All rights reserved.

Original file name:
TheWorld.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\theworld_chrome\theworld\theworld.exe

Digital Signature
Authority:
WoSign eCommerce Services Limited

Valid from:
7/1/2013 6:20:05 PM

Valid to:
10/4/2016 5:41:28 PM

Subject:
E=support@theworld.cn, CN=北京世界星辉科技有限责任公司, O=北京世界星辉科技有限责任公司, L=北京市, S=北京市, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
12511C863BFA13

File PE Metadata
Compilation timestamp:
10/18/2013 3:36:24 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:oojPPt6uJTWa9lbFBYaDoC1KFoGsCxqGG3F7qHnj+Wd4TOd8ZUydJGLoFKrGwJbm:7r16c7lRDoC1KFoGZgqHnFiTOdkeoAi

Entry address:
0x3EC91

Entry point:
E8, 86, 43, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 28, 0D, 48, 00, 89, 0D, 24, 0D, 48, 00, 89, 15, 20, 0D, 48, 00, 89, 1D, 1C, 0D, 48, 00, 89, 35, 18, 0D, 48, 00, 89, 3D, 14, 0D, 48, 00, 66, 8C, 15, 40, 0D, 48, 00, 66, 8C, 0D, 34, 0D, 48, 00, 66, 8C, 1D, 10, 0D, 48, 00, 66, 8C, 05, 0C, 0D, 48, 00, 66, 8C, 25, 08, 0D, 48, 00, 66, 8C, 2D, 04, 0D, 48, 00, 9C, 8F, 05, 38, 0D, 48, 00, 8B, 45, 00, A3, 2C, 0D, 48, 00, 8B, 45, 04, A3, 30, 0D, 48, 00, 8D, 45, 08, A3, 3C, 0D, 48...
 
[+]

Entropy:
6.4533

Code size:
364 KB (372,736 bytes)

Shell Open Command
Open type:
ftp

Command:
"C:\users\{user}\downloads\theworld_chrome\theworld\theworld.exe" -- "%1"


Scan TheWorld.exe - Powered by Reason Core Security