VStart6.exe

VStart6 http://www.3lsoft.com

Shanghai Gaoxin Computer System Co.,ltd

The application VStart6.exe by Shanghai Gaoxin Computer System Co.,ltd has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Shanghai Gaoxin Computer Systems Limited  (signed by Shanghai Gaoxin Computer System Co.,ltd)

Product:
VStart6 http://www.3lsoft.com

Description:
VStart6

Version:
6.0.1.14

MD5:
60bf7a5b883724afeead90bf5e5fd10e

SHA-1:
80dbca6599f112355c8ee2a07448b11aa338744b

SHA-256:
dada46bc404b1c29f46a925716035473e47a07f393584494d377ca128dedc6dd

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/25/2024 7:14:17 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.11.18.4

File size:
901 KB (922,656 bytes)

Product version:
6.0.1.14

Copyright:
(C)2014 Shanghai Gaoxin Computer Systems Limited

Original file name:
VStart6.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
5/7/2013 8:00:00 AM

Valid to:
5/7/2016 7:59:59 AM

Subject:
CN="Shanghai Gaoxin Computer System Co.,ltd", OU=IT, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Shanghai Gaoxin Computer System Co.,ltd", L=Shanghai, S=Shanghai, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3252B61CBBBA434FC4C89A24F5ED7D30

File PE Metadata
Compilation timestamp:
4/9/2014 4:21:49 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:3CkscQPyUiz1h7GIhsyb/d/VxAv2Agqn4Vzo8gZTR3k:3Ck1Qy1lGosyjXuvYVzvuU

Entry address:
0x9B08E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.2756

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
612.5 KB (627,200 bytes)

Remove VStart6.exe - Powered by Reason Core Security