trotux.exe

BIG JOURNEY TECHNOLOGY LIMITED

The application trotux.exe by BIG JOURNEY TECHNOLOGY LIMITED has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
BIG JOURNEY TECHNOLOGY LIMITED  (signed and verified)

MD5:
fb9a2564e5efec4c29e04353f544b1e3

SHA-1:
e54ab76b4e4049f9936886da007ede8f8795419a

SHA-256:
4571696bcaf815d5ddc9c4983766846e6d020e6a50ac827481cf37b9d0781032

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/25/2024 8:29:37 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.YesSearches (M)

Engine version:
16.12.7.20

File size:
410.3 KB (420,128 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\trotux.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
11/30/2016 9:34:09 AM

Valid to:
1/21/2017 3:56:27 AM

Subject:
CN=BIG JOURNEY TECHNOLOGY LIMITED, O=BIG JOURNEY TECHNOLOGY LIMITED, L=香港, S=香港, C=HK

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G3, O=GlobalSign nv-sa, C=BE

Serial number:
01F65582A1756700D15DC28F

File PE Metadata
Compilation timestamp:
11/22/2016 4:13:19 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x6C0B

Entry point:
F5, 6A, 15, 62, C6, 2D, DC, 30, 1B, DE, 9C, EB, 4B, DA, 80, B4, 37, 54, 69, 37, A5, 8A, 7A, A4, 0D, 16, BE, F2, F9, B2, 4C, 65, 3A, FA, 76, A9, E4, F6, 66, 49, F9, 9A, 90, 9A, 2C, EA, 28, F7, B5, EB, 95, 6B, 78, 0C, 85, BF, 41, 61, C6, 63, EC, 0A, 73, 66, 2C, 6F, E7, 9F, CF, 3E, DF, BF, 63, D2, F7, 73, A3, BB, 4F, 6F, 85, 30, F8, 09, 28, 23, 6A, 7B, 23, 1C, 5F, A3, 50, A6, 5D, AA, B5, 7E, 98, 4D, 21, 27, B1, D4, 77, 87, 4B, 28, 3E, 9B, 4B, 90, 95, 04, 58, E1, 11, 6C, F2, 1F, BA, 68, 06, EF, B8, B9, 60, 02...
 

Entropy:
7.8185  (probably packed)

Code size:
367.5 KB (376,320 bytes)
