» tu8_43_setup.exe
Overview
Analysis
File Details

tu8_43_setup.exe

东莞市金斧子网络科技有限公司

This is a setup and installation application.

File name:

tu8_43_setup.exe

Publisher:

东莞市金斧子网络科技有限公司 (signed and verified)

Version:

2.0.0.4

MD5:

ea4075bb5391626488f6bd55d6a91570

SHA-1:

ae29aebf611ce2f3bcc2034bec1429ee081460eb

SHA-256:

278a8bd0b21a770af7713cf6e1166a0983d2a90f05f80e151ac20620100cb04b

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

1/13/2025 6:33:23 AM UTC (today)

File size:

6.6 MB (6,921,680 bytes)

Product version:

2.0.0.4

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\tu8_43_setup.exe

Digital Signature

Signed by:

东莞市金斧子网络科技有限公司

Authority:

WoSign CA Limited

Valid from:

10/23/2015 3:21:00 PM

Valid to:

11/23/2016 3:21:00 PM

Subject:

CN=东莞市金斧子网络科技有限公司, E=3189255925@qq.com, O=东莞市金斧子网络科技有限公司, L=东莞市, S=广东省, C=CN

Issuer:

CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:

5002674B14FB61E69C0EEFB262234238

File PE Metadata

Compilation timestamp:

3/13/2017 8:56:55 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

Entry address:

0x11DF7

Entry point:

E8, 81, 60, 00, 00, E9, 7F, FE, FF, FF, A1, 10, D0, 42, 00, C3, 6A, 08, 68, 40, B5, 42, 00, E8, 3D, 10, 00, 00, 8B, 75, 08, 85, F6, 0F, 84, FE, 00, 00, 00, 83, 7E, 24, 00, 74, 09, FF, 76, 24, E8, 39, E4, FF, FF, 59, 83, 7E, 2C, 00, 74, 09, FF, 76, 2C, E8, 2A, E4, FF, FF, 59, 83, 7E, 34, 00, 74, 09, FF, 76, 34, E8, 1B, E4, FF, FF, 59, 83, 7E, 3C, 00, 74, 09, FF, 76, 3C, E8, 0C, E4, FF, FF, 59, 83, 7E, 40, 00, 74, 09, FF, 76, 40, E8, FD, E3, FF, FF, 59, 83, 7E, 44, 00, 74, 09, FF, 76, 44, E8, EE, E3, FF, FF... 
[+]

Entropy:

7.9858 (probably packed)

Code size:

131 KB (134,144 bytes)

Scan tu8_43_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.