home

Wallpaper.exe

孙中元

Publisher:
宁波甬润网络有限公司  (signed by 孙中元)

Description:
靓虾壁纸

Version:
1.0.0.1

MD5:
f9906242c5bbf55759f857636c53880e

SHA-1:
38875baf0945a8599bba7e2362c608b4402447c5

SHA-256:
d33c9e9f2580b363352dd33910ce9f76bd5b4b93f10fe4cf91b35f28e26ddc79

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/28/2024 4:33:06 AM UTC  (today)

Scan engine
Detection
Engine version

Kaspersky
HEUR:Trojan.Win32.Generic
14.0.0.313

Trend Micro House Call
TROJ_GEN.R047H07AQ15
7.2.115

File size:
157.6 KB (161,424 bytes)

Product version:
1.0.0.1

Original file name:
Wallpaper.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\liangxiawallpaper\wallpaper.exe

Digital Signature
Signed by:
孙中元

Authority:
Unizeto Technologies S.A.

Valid from:
1/6/2014 8:00:00 AM

Valid to:
1/6/2015 8:00:00 AM

Subject:
CN="Open Source Developer, 孙中元", O=孙中元, C=CN

Issuer:
CN=Certum Level III CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
1EFA0F2B42B625FC1E90EF0F3C093B28

File PE Metadata
Compilation timestamp:
1/23/2015 11:41:14 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
3072:nh9wdPXeuzGaD9Z++VCtZC4xey+k21KaAmmUdDPvp93vZ5hwEkayWt8:h9wRX9D9yto4xJ8d7vp1B7gyi

Entry address:
0x144CF

Entry point:
E8, 5D, 06, 00, 00, E9, 49, FE, FF, FF, 3B, 0D, 18, 00, 42, 00, 75, 02, F3, C3, E9, 4F, 01, 00, 00, FF, 25, 98, 81, 41, 00, FF, 25, 8C, 81, 41, 00, 83, 3D, DC, 0C, 42, 00, 00, 74, 03, 33, C0, C3, 56, 6A, 04, 6A, 20, FF, 15, 0C, 81, 41, 00, 59, 59, 8B, F0, 56, FF, 15, 38, 80, 41, 00, A3, DC, 0C, 42, 00, A3, D8, 0C, 42, 00, 85, F6, 75, 05, 6A, 18, 58, 5E, C3, 83, 26, 00, 33, C0, 5E, C3, 6A, 14, 68, 58, DB, 41, 00, E8, 04, 07, 00, 00, 83, 65, DC, 00, FF, 35, DC, 0C, 42, 00, 8B, 35, 9C, 80, 41, 00, FF, D6, 89...
 
[+]

Entropy:
6.5139

Code size:
89 KB (91,136 bytes)

Scan Wallpaper.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.