home

����war31.20game.dll@18_3931.exe

下载器

马鞍山百助网络科技有限公司

The application ����war31.20game.dll@18_3931.exe by 马鞍山百助网络科技有限公司 has been detected as a potentially unwanted program by 3 anti-malware scanners.
Publisher:
马鞍山百助网络科技有限公司  (signed and verified)

Product:
下载器

Version:
6.0.0.4

MD5:
f694dfaad79790ddd287aa46ea95d3c8

SHA-1:
56b1f2a46680aa8ed445c76ce0a7c551c77e1fe2

SHA-256:
7ae51ed1f75b03edf4fdd8bf731e6c47e26b35780531693b6ad81cfd49cd11a2

Scanner detections:
3 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 9:17:54 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
APPL/Qjwmonkey.AB
7.11.204.248

avast!
Win32:Adware-gen [Adw]
2014.9-150217

ESET NOD32
Win32/Adware.Qjwmonkey (variant)
9.11067

File size:
502.8 KB (514,832 bytes)

Product version:
6.0.0.4

Original file name:
下载器

File type:
Executable application (Win32 EXE)

Language:
kiina (yksinkertaistettu, Kiinan kansantasavalta)

Common path:
C:\users\{user}\downloads\%94%85%89%9cwar31.20game.dll@18_3931.exe

Digital Signature
Signed by:
马鞍山百助网络科技有限公司

Authority:
WoSign CA Limited

Valid from:
11/5/2014 7:47:28 AM

Valid to:
11/5/2015 7:47:28 AM

Subject:
CN=马鞍山百助网络科技有限公司, O=马鞍山百助网络科技有限公司, L=马鞍山市, S=安徽省, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
121FB305EE32B73BFC743E83AC8CEB49

File PE Metadata
Compilation timestamp:
12/16/2014 7:10:43 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
6144:Desle0dbwBLLtnjJVYK31cZXdghevlYF9/fWM+T0MnF1SvLD5IC4symG2s:D9eLB/tnjLRcZt6yGF93p1iF4zHzNs

Entry address:
0x11E49

Entry point:
E8, FC, 4B, 00, 00, E9, 7F, FE, FF, FF, E9, A1, 00, 00, 00, 3B, 0D, 50, 70, 43, 00, 75, 02, F3, C3, E9, 42, 05, 00, 00, 55, 8B, EC, 56, 8B, 75, 08, 83, FE, E0, 77, 6F, 53, 57, A1, 7C, 93, 43, 00, 85, C0, 75, 1D, E8, 60, 49, 00, 00, 6A, 1E, E8, B6, 49, 00, 00, 68, FF, 00, 00, 00, E8, 9A, 40, 00, 00, A1, 7C, 93, 43, 00, 59, 59, 85, F6, 74, 04, 8B, CE, EB, 03, 33, C9, 41, 51, 6A, 00, 50, FF, 15, B0, B1, 42, 00, 8B, F8, 85, FF, 75, 26, 6A, 0C, 5B, 39, 05, C8, 9C, 43, 00, 74, 0D, 56, E8, FD, 52, 00, 00, 59, 85...
 
[+]

Entropy:
6.9017

Code size:
166 KB (169,984 bytes)

Remove ����war31.20game.dll@18_3931.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.