home

wdzsfqhkpl

Salung International Corporation

Publisher:
Salung International Corporation  (signed and verified)

MD5:
0499c60360b8f9a7697a155dcf28acdc

SHA-1:
e92090deeca89f590080aed254ee03481e4b9470

SHA-256:
e325683eff656d54e5c6e740eead88380da5c1768f0b952cc34eb97709bcc765

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/24/2024 7:46:23 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
MSIL/Injector.PQN trojan
8.0.319.0

Microsoft Security Essentials
Threat.Undefined
1.225.1840.0

File size:
211 KB (216,080 bytes)

Common path:
C:\users\{user}\appdata\local\temp\wdzsfqhkpl

Digital Signature
Signed by:
Salung International Corporation

Authority:
Salung International Corporation

Valid from:
6/25/2016 8:45:36 AM

Valid to:
6/26/2026 8:45:36 AM

Subject:
E=sales@salung.com, CN=www.salung.com, OU=Sales Department, O=Salung International Corporation, L=Columbus, S=Ohio, C=US

Issuer:
E=sales@salung.com, CN=www.salung.com, OU=Sales Department, O=Salung International Corporation, L=Columbus, S=Ohio, C=US

Serial number:
00866E0A24F3686932

File PE Metadata
Compilation timestamp:
6/27/2016 5:14:28 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:ePSN/SjG7q067tDbh9mGnCzPdFtaV3koPmgZuQzG:IzictDbh9EM3bo

Entry address:
0x1531E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
80 KB (81,920 bytes)

Scan wdzsfqhkpl - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.