» tjsj30_2016330.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (8)

tjsj30_2016330.exe

Shenzhen Shi Wangzhuo Information Technology co.ltd

File name:

tjsj30_2016330.exe

Publisher:

Shenzhen Shi Wangzhuo Information Technology co.ltd (signed and verified)

Description:

甜椒刷机安装包

Version:

6, 9, 4, 6001

MD5:

SHA-1:

06df89c48be907cf24218dcb1115e56b947365dc

SHA-256:

41343aacd5c20d9b34f2a662ca34d57ce0d7e1f02075a6deb233b6f790738156

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

12/26/2024 2:58:14 AM UTC (today)

File size:

23.3 MB (24,413,448 bytes)

Product version:

6, 9, 4, 6001

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\tjsj30_2016330.exe

Digital Signature

Signed by:

Shenzhen Shi Wangzhuo Information Technology co.ltd

Authority:

Symantec Corporation

Valid from:

5/24/2016 8:00:00 AM

Valid to:

5/25/2017 7:59:59 AM

Subject:

CN=Shenzhen Shi Wangzhuo Information Technology co.ltd, OU=Technology Department, O=Shenzhen Shi Wangzhuo Information Technology co.ltd, L=shenzhen, S=Guangdong, C=CN

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

08B28B809BEB483587DE7ECE2FA86673

File PE Metadata

Compilation timestamp:

11/22/2016 5:48:43 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

393216:acYzqwZVr+GJrBAukjGS1LI3DZU/y3MGx9Q0V9cN+nya4QU6k16MeOyXN1RZCVVD:aHzfVNJrPkTaZ3MGxL9cN+nSj6k16/On

Entry address:

0x4F753

Entry point:

E8, EF, 3B, 01, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 0C, 53, 57, 8B, 7D, 08, 33, DB, 3B, FB, 75, 20, E8, 62, 75, FF, FF, 53, 53, 53, 53, 53, C7, 00, 16, 00, 00, 00, E8, AD, 6E, FF, FF, 83, C4, 14, 83, C8, FF, E9, 66, 01, 00, 00, 57, E8, C2, 19, 00, 00, 39, 5F, 04, 59, 89, 45, FC, 7D, 03, 89, 5F, 04, 6A, 01, 53, 50, E8, A7, 3C, 01, 00, 83, C4, 0C, 3B, C3, 89, 45, F8, 7C, D3, 8B, 57, 0C, F7, C2, 08, 01, 00, 00, 75, 08, 2B, 47, 04, E9, 2E, 01, 00, 00, 8B, 07, 8B, 4F, 08, 56, 8B, F0, 2B, F1, 89... 
[+]

Entropy:

7.9933 (probably packed)

Code size:

413.5 KB (423,424 bytes)

Access Provider

Name:

MartaExtension

The file tjsj30_2016330.exe has been discovered within the following programs.

Adobe Reader X (10.1.5) by Adobe Systems Incorporated

Adobe Acrobat X (version 10.0) is an applications designed to view, create, manipulate, print and manage files in Portable Document Format (PDF). Acrobat and Reader are widely used as a method of presenting information with a fixed layout similar to a paper publication.

www.adobe.com

4% remove it

Java 7 Update 13 by Oracle Corporation

This release includes important security fixes. Oracle strongly recommends that all Java SE 7 users upgrade to this release.

java.com

9% remove it

Java 7 Update 15 by Oracle Corporation

Publisher's description - “The full version string for this update release is 1.7.0_15-b03 (where "b" means "build") and the version number is 7u15. JDK 7u15 contains Olson time zone data version 2012i. For more information, refer to Timezone Data Versions in the JRE Software.”

www.oracle.com/technetwork/java/javase/7u15-relnotes-1907738.html

6% remove it

Java 7 Update 7 by Oracle Corporation

Publisher's description - “This releases brings in key security features and bug fixes. Oracle strongly recommends that all Java SE 7 users upgrade to this release. JavaFX 2.2.4 is now bundled with the JDK on Windows, Mac and Linux x86/x64.”

12% remove it

QuarkXPress by Quark Inc.

www.quark.com

8% remove it

The Sims™ Life Stories by Electronic Arts

The Sims Life Stories is a video game distributed through EA's Origin digital distribution and digital rights management content delivery system.

www.ea.com

5% remove it

Total Video Converter 3.71 100812 by EffectMatrix Inc.

Publisher's description - “E.M. Total Video Converter is a piece of extremely powerful and full-featured converter software that supports almost all video and audio formats.”

www.effectmatrix.com/total-video-converter

19% remove it

TVCenter by PCTV Systems

Publisher's description - “PCTV TV Center is equipped with a powerful PVR functionality. You can watch your favorite TV stations, timeshift, schedule recordings and much more . PCTV TV products bring TV to your computer. You can easily enable your PC / Laptop with a full featured TV functionality.”

www.pctvsystems.com

23% remove it

Scan tjsj30_2016330.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.