» tu8_43_setup.exe
Overview
Analysis
File Details

tu8_43_setup.exe

东莞市金斧子网络科技有限公司

This is a setup and installation application.

File name:

tu8_43_setup.exe

Publisher:

东莞市金斧子网络科技有限公司 (signed and verified)

Version:

2.0.0.4

MD5:

45fb2b9c87b855a0f816f0f5122dcd62

SHA-1:

0e8d32a6d36d4776a04490e1b9532d307620c034

SHA-256:

30ae9d5cfc944f9145b8e218c2e203d5a70f3bad87469a054ba61e0e7036ded6

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

1/13/2025 6:36:58 AM UTC (today)

File size:

6.8 MB (7,078,864 bytes)

Product version:

2.0.0.4

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\roaming\tu8_43_setup.exe

Digital Signature

Signed by:

东莞市金斧子网络科技有限公司

Authority:

WoSign CA Limited

Valid from:

10/23/2015 3:21:00 PM

Valid to:

11/23/2016 3:21:00 PM

Subject:

CN=东莞市金斧子网络科技有限公司, E=3189255925@qq.com, O=东莞市金斧子网络科技有限公司, L=东莞市, S=广东省, C=CN

Issuer:

CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:

5002674B14FB61E69C0EEFB262234238

File PE Metadata

Compilation timestamp:

2/18/2017 9:33:18 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

Entry address:

0x11DF7

Entry point:

E8, 81, 60, 00, 00, E9, 7F, FE, FF, FF, A1, 10, D0, 42, 00, C3, 6A, 08, 68, 40, B5, 42, 00, E8, 3D, 10, 00, 00, 8B, 75, 08, 85, F6, 0F, 84, FE, 00, 00, 00, 83, 7E, 24, 00, 74, 09, FF, 76, 24, E8, 39, E4, FF, FF, 59, 83, 7E, 2C, 00, 74, 09, FF, 76, 2C, E8, 2A, E4, FF, FF, 59, 83, 7E, 34, 00, 74, 09, FF, 76, 34, E8, 1B, E4, FF, FF, 59, 83, 7E, 3C, 00, 74, 09, FF, 76, 3C, E8, 0C, E4, FF, FF, 59, 83, 7E, 40, 00, 74, 09, FF, 76, 40, E8, FD, E3, FF, FF, 59, 83, 7E, 44, 00, 74, 09, FF, 76, 44, E8, EE, E3, FF, FF... 
[+]

Entropy:

7.9505 (probably packed)

Code size:

131 KB (134,144 bytes)

Scan tu8_43_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.