home

xiaomacrashhandler.exe

XiaoMa Update

成都海宇通电气自动化工程有限公司

Publisher:
XiaoMa Inc.  (signed by 成都海宇通电气自动化工程有限公司)

Product:
XiaoMa Update

Version:
1.3.99.0

MD5:
5930b7bdad1b7333e75f5f0025216407

SHA-1:
b180aaffe7560378d4fe2e0a3fe8128b31428c3c

SHA-256:
d9e27e6c3b9d5e810e907dbd88bd711e4943151e73d41c9e425f8c401365a664

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 3:58:10 PM UTC  (today)

File size:
284 KB (290,840 bytes)

Product version:
1.3.99.0

Copyright:
Copyright 2007-2010 Google Inc.

Original file name:
XiaoMaUpdate.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\xiaomacrashhandler.exe

Digital Signature
Signed by:
成都海宇通电气自动化工程有限公司

Authority:
WoSign CA Limited

Valid from:
5/6/2016 11:22:47 AM

Valid to:
6/6/2018 11:22:47 AM

Subject:
CN=成都海宇通电气自动化工程有限公司, O=成都海宇通电气自动化工程有限公司, L=成都市, S=四川省, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
4A10735F7BFEF63431117117B6A8D6E9

File PE Metadata
Compilation timestamp:
2/16/2017 8:02:18 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

Entry address:
0x16184

Entry point:
E8, C2, 03, 00, 00, E9, 8E, FE, FF, FF, E9, 50, FB, FF, FF, 55, 8B, EC, 83, 25, C0, FD, 43, 00, 00, 83, EC, 28, 53, 33, DB, 43, 09, 1D, 04, F0, 43, 00, 6A, 0A, E8, 0D, 0E, 01, 00, 85, C0, 0F, 84, 6D, 01, 00, 00, 83, 65, F0, 00, 33, C0, 83, 0D, 04, F0, 43, 00, 02, 33, C9, 56, 57, 89, 1D, C0, FD, 43, 00, 8D, 7D, D8, 53, 0F, A2, 8B, F3, 5B, 89, 07, 89, 77, 04, 89, 4F, 08, 89, 57, 0C, 8B, 45, D8, 8B, 4D, E4, 89, 45, F8, 81, F1, 69, 6E, 65, 49, 8B, 45, E0, 35, 6E, 74, 65, 6C, 0B, C8, 8B, 45, DC, 6A, 01, 35, 47...
 
[+]

Entropy:
6.6558

Code size:
174.5 KB (178,688 bytes)

Scan xiaomacrashhandler.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.