青青草原wifi5.2.exe

青青草原WiFi

青青草原软件

The application 青青草原wifi5.2.exe has been detected as a potentially unwanted program by 11 anti-malware scanners. The file has been seen being downloaded from dl.22zy.net.
Publisher:
青青草原软件

Product:
青青草原WiFi

Version:
5.2.0.0

MD5:
a2c99bdf59297b4126945e5d10417625

SHA-1:
395741caf6d4aeed4a669434908bcfc7b447aa87

SHA-256:
4710211cbd4f74630420d406dc155516d7b08de887d19c8b108505ece4386d21

Scanner detections:
11 / 68

Status:
Potentially unwanted

Analysis date:
11/6/2024 12:34:22 AM UTC

Scan engine | Detection | Engine version
AhnLab V3 Security | Trojan/Win32.Gen | 2016.04.30
avast! | Win32:Adware-gen [Adw] | 2014.9-160701
Bkav FE | W32.Clodcf7.Trojan | 1.3.0.7400
Comodo Security | TrojWare.Win32.Agent.OSCF | 24891
Fortinet FortiGate | Riskware/FlyStudio | 7/1/2016
F-Prot | W32/OnlineGames.HG.gen | v6.4.7.1.166
F-Secure | Trojan:W32/DelfInject.R | 11.2016-01-07_6
G Data | Win32.Adware.FlyStudio | 16.7.25
McAfee | Artemis!A2C99BDF5929 | 5600.6352
NANO AntiVirus | Riskware.Win32.Downware.dvfusj | 1.0.30.8136
Zillya! Antivirus | Adware.FlyStudio.Win32.4150 | 2.0.0.2831

File size:
1.6 MB (1,679,360 bytes)

Product version:
5.2.0.0

Copyright:
青青草原WiFi版权所有

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
8/5/2015 12:41:58 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:2slfW+LUo66jPpP/BGN4bLnkjKu/VayPM+tCr5odDsb8hNQLoOzvCbYv+U:2wqqOdM+uOyxvCcWU

Entry address:
0xF45DF

Entry point:
55, 8B, EC, 6A, FF, 68, E0, 82, 56, 00, 68, 84, 6E, 4F, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, BC, B3, 51, 00, 33, D2, 8A, D4, 89, 15, 14, 6B, 5E, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 10, 6B, 5E, 00, C1, E1, 08, 03, CA, 89, 0D, 0C, 6B, 5E, 00, C1, E8, 10, A3, 08, 6B, 5E, 00, 6A, 01, E8, F0, 5B, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 9B, 59, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...
 

Entropy:
6.4959

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
1.1 MB (1,155,072 bytes)

The file 青青草原wifi5.2.exe has been seen being distributed by the following URL.
