home

uninst.exe

手心输入法

北京酷睿蒙数字科技有限公司

Publisher:
北京酷睿蒙数字科技有限公司  (signed and verified)

Product:
手心输入法

Description:
手心输入法 卸载程序

Version:
2.3.0.1302

MD5:
7ee38aa93c766dac65a1800f5294f0ab

SHA-1:
8c89d37ad85f532e32228025b1edc17585b27aa4

SHA-256:
7cdf8743cfe1975f85726932336d8a005907eb75be51fac6b8e998b98b774c11

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/24/2024 2:40:35 PM UTC  (today)

Scan engine
Detection
Engine version

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.26.4

File size:
740.5 KB (758,280 bytes)

Product version:
2.3.0.1302

Copyright:
(C) xinshuru.com All Rights Reserved.

Original file name:
Unist.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese

Common path:
C:\Program Files\shouxin\palminput\2.3.0.1302\uninst.exe

Digital Signature
Signed by:
北京酷睿蒙数字科技有限公司

Authority:
WoSign CA Limited

Valid from:
3/9/2015 8:39:08 AM

Valid to:
12/30/2016 8:39:08 AM

Subject:
CN=北京酷睿蒙数字科技有限公司, O=北京酷睿蒙数字科技有限公司, L=北京市, S=北京市, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
462369F32AE19461418B658123BA2103

File PE Metadata
Compilation timestamp:
9/25/2015 5:28:03 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:UuHqepwXc7TO5KH6nMyk8kXRWvQyTexQ2fMinisCTyEZTzkK+IEqbuwJFSC1x13a:UUqFcZHUMyk8kNw0MeiTTyEZnfuwHB1+

Entry address:
0x37AB2

Entry point:
E8, 0A, AF, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 51, 83, 65, FC, 00, 56, 8D, 45, FC, 50, FF, 75, 0C, FF, 75, 08, E8, 6F, B0, 00, 00, 8B, F0, 83, C4, 0C, 85, F6, 75, 18, 39, 45, FC, 74, 13, E8, 64, 07, 00, 00, 85, C0, 74, 0A, E8, 5B, 07, 00, 00, 8B, 4D, FC, 89, 08, 8B, C6, 5E, C9, C3, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 0C, 57, 85, C9, 0F, 84, 92, 00, 00, 00, 56, 53, 8B, D9, 8B, 74, 24, 14, F7, C6, 03, 00, 00, 00, 8B, 7C, 24, 10, 75, 0B, C1, E9, 02, 0F, 85, 85, 00, 00, 00, EB, 27, 8A, 06, 83, C6, 01, 88...
 
[+]

Code size:
340 KB (348,160 bytes)

Scan uninst.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.