» xdjsq-setup3.3.x.exe
Overview
Analysis
File Details

xdjsq-setup3.3.x.exe

迅达加速器

安徽讯敏信息科技有限公司

The program is a setup application that uses the Inno Setup installer.

File name:

Publisher:

安徽讯敏信息科技有限公司 (signed and verified)

Product:

迅达加速器

Description:

迅达加速器 Setup

MD5:

41ebb98732ca0ff28a09b7edebae4f98

SHA-1:

d31b2b3834592ccd15546e03aa85edaf82ca862f

SHA-256:

e260f1cd458f19967df375c2340333705417fc57c3c585245d2f109917ae17a0

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

1/15/2025 9:32:46 AM UTC (today)

Scan engine

Detection

Engine version

Clam AntiVirus

Win.Trojan.Keylogger-14

0.98/21511

File size:

1 MB (1,094,272 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\xdjsq-setup3.3.x.exe

Digital Signature

Signed by:

安徽讯敏信息科技有限公司

Authority:

WoSign CA Limited

Valid from:

5/23/2014 2:44:31 AM

Valid to:

5/23/2015 2:44:31 AM

Subject:

CN=安徽讯敏信息科技有限公司, E=service@xdjsq.com, O=安徽讯敏信息科技有限公司, L=六安市, S=安徽省, C=CN

Issuer:

CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:

2E5E11CC16FC10089FECD64C3C07EDB0

File PE Metadata

Compilation timestamp:

6/19/1992 3:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:tGu8ogeWoCjfZ0V5UfmWFnQShkwJjwpKT4dpnUQgr/:t+ozEx0VyXqhxpKTCUQ8/

Entry address:

0x9AF8

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, A2, 95, FF, FF, E8, A9, A7, FF, FF, E8, D4, C9, FF, FF, E8, 1B, CA, FF, FF, E8, 0E, F3, FF, FF, E8, 75, F4, FF, FF, 33, C0, 55, 68, AF, A1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 78, A1, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 02, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 04, D0, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 53, 96, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD, 40, 00, B2, 01, B8... 
[+]

Entropy:

7.9827

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

37 KB (37,888 bytes)

Scan xdjsq-setup3.3.x.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.