home

tiantianinstall.exe

福州市鼓楼区天奇矩阵软件有限公司

Publisher:
福州市鼓楼区天奇矩阵软件有限公司  (signed and verified)

Description:
TianTianDownloader

Version:
1.0.0.1

MD5:
9ee1c509241c9d48b79b168ab83f03f4

SHA-1:
3808a35bce70e0a28b7bdeb5f16e8541b94c112e

SHA-256:
65dd346e114643c6e30fbf476b989522bc6a16d82494ffe07b5f505fb00a3862

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 12:02:55 PM UTC  (today)

File size:
1.2 MB (1,259,336 bytes)

Product version:
1.0.0.1

Original file name:
TianTianDownloader.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\tiantianinstall.exe

Digital Signature
Signed by:
福州市鼓楼区天奇矩阵软件有限公司

Authority:
Symantec Corporation

Valid from:
12/19/2014 8:00:00 AM

Valid to:
2/17/2018 7:59:59 AM

Subject:
CN=福州市鼓楼区天奇矩阵软件有限公司, OU=运维中心, O=福州市鼓楼区天奇矩阵软件有限公司, L=福州, S=福建, C=CN

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
72F4B0DB870BC5DC575EBF6163FDA5B8

File PE Metadata
Compilation timestamp:
3/10/2017 1:19:24 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0xDA35

Entry point:
E8, AF, 04, 00, 00, E9, 6B, FD, FF, FF, 3B, 0D, 28, 60, 43, 00, 75, 02, F3, C3, E9, 36, 05, 00, 00, 8B, FF, 55, 8B, EC, F6, 45, 08, 02, 57, 8B, F9, 74, 25, 56, 68, BA, E0, 40, 00, 8D, 77, FC, FF, 36, 6A, 0C, 57, E8, 5F, 01, 00, 00, F6, 45, 08, 01, 74, 07, 56, E8, F1, F8, FF, FF, 59, 8B, C6, 5E, EB, 14, E8, 34, 06, 00, 00, F6, 45, 08, 01, 74, 07, 57, E8, DA, F8, FF, FF, 59, 8B, C7, 5F, 5D, C2, 04, 00, FF, 25, C0, 62, 42, 00, FF, 25, D0, 62, 42, 00, FF, 25, D8, 62, 42, 00, FF, 25, DC, 62, 42, 00, FF, 25, E0...
 
[+]

Entropy:
7.1669

Code size:
146 KB (149,504 bytes)

Scan tiantianinstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.