home

wallsvr.exe

孙中元

Publisher:
孙中元  (signed and verified)

MD5:
fb27ffe9d98454a6a08caef8c43eebd3

SHA-1:
b1375b3e064dd51ffd0baeb0de0ce60bc9107820

SHA-256:
c48f43cb7870efb0faab12414fc7be4db24c19b9c08f94b28bd0cc3d2316dafb

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/28/2024 4:35:49 AM UTC  (today)

Scan engine
Detection
Engine version

Kaspersky
HEUR:Trojan.Win32.Generic
14.0.0.-97

Qihoo 360 Security
Win32/Trojan.e6d
1.0.0.1015

Trend Micro House Call
TROJ_GEN.R047H07AQ15
7.2.197

File size:
14.1 KB (14,480 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\liangxiawallpaper\wallsvr.exe

Digital Signature
Signed by:
孙中元

Authority:
Unizeto Technologies S.A.

Valid from:
1/5/2014 10:00:00 PM

Valid to:
1/5/2015 10:00:00 PM

Subject:
CN="Open Source Developer, 孙中元", O=孙中元, C=CN

Issuer:
CN=Certum Level III CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
1EFA0F2B42B625FC1E90EF0F3C093B28

File PE Metadata
Compilation timestamp:
1/23/2015 1:40:50 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
12.0

CTPH (ssdeep):
192:5/EmsxEwGmTreqZlmFm3fiIzIZbpc8QC78A7tA39sPY5oCvMUY1hMsz1rHbex5dA:1EmS3NZlmFm5Ebm8QC3tBpZ5oafeBYD

Entry address:
0x1A5A

Entry point:
E8, E2, 02, 00, 00, E9, 91, FE, FF, FF, 55, 8B, EC, FF, 15, 84, 30, 40, 00, 6A, 01, A3, 5C, 43, 40, 00, E8, 53, 05, 00, 00, FF, 75, 08, E8, 51, 05, 00, 00, 83, 3D, 5C, 43, 40, 00, 00, 59, 59, 75, 08, 6A, 01, E8, 39, 05, 00, 00, 59, 68, 09, 04, 00, C0, E8, 3A, 05, 00, 00, 59, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, 5F, 05, 00, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, 40, 41, 40, 00, 89, 0D, 3C, 41, 40, 00, 89, 15, 38, 41, 40, 00, 89, 1D, 34, 41, 40, 00, 89, 35, 30, 41, 40, 00, 89, 3D, 2C...
 
[+]

Entropy:
6.1088

Code size:
4.5 KB (4,608 bytes)

Scan wallsvr.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.