youbo_vod_af11.exe.mwt

刘诗诗

The file youbo_vod_af11.exe.mwt has been detected as malware by 13 anti-virus scanners.
Publisher:
刘诗诗  (signed and verified)

Description:
Youbo HD Video installer (优播高清影视安装程序)

Version:
4.5.10.1127

MD5:
a862dc05a9d845b1a2cefa237728f650

SHA-1:
24e11d8d41f51000ecb1d05e52c844efce0b8091

SHA-256:
41d4bf59c7a01f82c248989fe1ca5fa4961466b6b48484a685a6a913bdba634d

Scanner detections:
13 / 68

Status:
Malware

Analysis date:
11/23/2024 11:31:00 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Trojan.GenericKD.1866366 | 806
Avira AntiVirus | TR/Rogue.1413560 | 7.11.185.228
Bitdefender | Trojan.GenericKD.1866366 | 1.0.20.1620
Dr.Web | Trojan.DownLoader11.23578 | 9.0.1.0324
Emsisoft Anti-Malware | Trojan.GenericKD.1866366 | 8.14.11.20.10
F-Secure | Trojan.GenericKD.1866366 | 11.2014-20-11_5
G Data | Trojan.GenericKD.1866366 | 14.11.24
IKARUS anti.virus | Win32.SuspectCrc | t3scan.1.8.3.0
MicroWorld eScan | Trojan.GenericKD.1866366 | 15.0.0.972
NANO AntiVirus | Trojan.Win32.DarkKomet.dennwl | 0.28.6.63362
nProtect | Trojan.GenericKD.1866366 | 14.11.14.01
Vba32 AntiVirus | Backdoor.DarkKomet | 3.12.26.3
Zillya! Antivirus | Downloader.Agent.Win32.221069 | 2.0.0.1983

File size:
1.4 MB (1,417,392 bytes)

Product version:
1.1.0.0

Common path:
C:\users\{user}\downloads\youbo_vod_af11.exe.mwt

Digital Signature
Signed by:

Authority:
WoSign CA Limited

Valid from:
6/11/2014 4:48:01 PM

Valid to:
6/11/2015 4:48:01 PM

Subject:
CN=刘诗诗, E=5011net@sina.com, L=常山县, S=浙江省, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
05767A56D82D3A4015513D7E7534F5F1

File PE Metadata
Compilation timestamp:
6/23/2014 8:24:50 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:m7wWzU9mW2uUrRLfVl/lqlRLKKiH+bsqImPCZZJjomDOZx1ZAi6hRbFjP:m7FzU9ryNddlEZKK31CZPjomwvZcjP

Entry address:
0x2B0001

Entry point:
60, E8, 03, 00, 00, 00, E9, EB, 04, 5D, 45, 55, C3, E8, 01, 00, 00, 00, EB, 5D, BB, ED, FF, FF, FF, 03, DD, 81, EB, 00, 00, 2B, 00, 83, BD, 7D, 04, 00, 00, 00, 89, 9D, 7D, 04, 00, 00, 0F, 85, C0, 03, 00, 00, 8D, 85, 89, 04, 00, 00, 50, FF, 95, 09, 0F, 00, 00, 89, 85, 81, 04, 00, 00, 8B, F0, 8D, 7D, 51, 57, 56, FF, 95, 05, 0F, 00, 00, AB, B0, 00, AE, 75, FD, 38, 07, 75, EE, 8D, 45, 7A, FF, E0, 56, 69, 72, 74, 75, 61, 6C, 41, 6C, 6C, 6F, 63, 00, 56, 69, 72, 74, 75, 61, 6C, 46, 72, 65, 65, 00, 56, 69, 72, 74...
 

Entropy:
7.9779

Packer / compiler:
ASPack v2.12

Code size:
1.4 MB (1,482,240 bytes)
