tmp526c.tmp.exe

PlayAll@Once CodecPack

Wen Jia Liu

Publisher:
Playallatonce.com  (signed by Wen Jia Liu)

Product:
PlayAll@Once CodecPack

Description:
CodecPack for playing all known media file formats

Version:
55.11.66.1234

MD5:
3e4295a21e95d30b2726f374dbe78a33

SHA-1:
4e833df6a77287ec37399211f6eb16439095a36f

SHA-256:
5d35b47c3d6885f544f2545654af07e945eaaf1f8670febced0e3f3b30856436

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/16/2024 7:52:32 PM UTC  (today)

Scan engine | Detection | Engine version
ESET NOD32 | MSIL/Kryptik.GZX trojan | 6.3
F-Secure | Variant.MSILPerseus.46130 | 5.15.96

File size:
155.5 KB (159,264 bytes)

Product version:
55.11.66.1234

Copyright:
Copyright © 2010-2012 Playallatonce.com (GNU)

Original file name:
Playallatonce.com.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\tmp526c.tmp.exe

Digital Signature
Signed by:

Authority:
DigiCert Inc

Valid from:
10/29/2013 6:00:00 PM

Valid to:
1/4/2017 5:00:00 AM

Subject:
CN=Wen Jia Liu, O=Wen Jia Liu, L=Sydney, S=New South Wales, C=AU

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0FF1EF66BD621C65B74B4DE41425717F

File PE Metadata
Compilation timestamp:
8/10/2016 12:08:48 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:8Hwj/t/1mm/7sijKFiB+TOIytBsmxes8JVLGP3agC1SI:tjnz7sijKwtBsmxefJVm38

Entry address:
0x2432E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy:
7.3505

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
137 KB (140,288 bytes)
