» acdseepro6intouch2.exe
Overview
Analysis
File Details
Behaviors (1)

acdseepro6intouch2.exe

acdID InTouch2

ACD Systems International Inc

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘ACPW06EN’.

File name:

Publisher:

ACD Systems (signed by ACD Systems International Inc)

Product:

acdID InTouch2

Version:

3.2.22.0

MD5:

fcd24b66e766734e47e6e3aa1d332f26

SHA-1:

bea1088e19eab3dd1d0b5de4c74d9f1c0b0e318a

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/20/2024 2:54:26 AM UTC (today)

File size:

1.1 MB (1,135,304 bytes)

Product version:

3.2.22.0

Original file name:

acdIDInTouch2.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\acd systems\acdsee pro\6.0\acdseepro6intouch2.exe

Digital Signature

Signed by:

ACD Systems International Inc

Authority:

VeriSign, Inc.

Valid from:

5/13/2012 3:00:00 AM

Valid to:

5/12/2013 2:59:59 AM

Subject:

CN=ACD Systems International Inc, OU=Development, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=ACD Systems International Inc, L=Victoria, S=British Columbia, C=CA

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

6CC1D069809B31E7B50467A64B37B200

File PE Metadata

Compilation timestamp:

12/18/2012 12:58:34 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

24576:AmmbtTSzpX57jgggggXgggggyggggg42aao9PpvgqgH1G/Q:ZzpJ7jgggggXgggggyggggg42aao9Ppu

Entry address:

0x32272

Entry point:

E8, 12, 07, 00, 00, E9, 6B, FD, FF, FF, 8B, FF, 55, 8B, EC, F6, 45, 08, 02, 57, 8B, F9, 74, 25, 56, 68, 64, 2B, 43, 00, 8D, 77, FC, FF, 36, 6A, 0C, 57, E8, BB, 01, 00, 00, F6, 45, 08, 01, 74, 07, 56, E8, A5, FC, FF, FF, 59, 8B, C6, 5E, EB, 14, E8, B0, 08, 00, 00, F6, 45, 08, 01, 74, 07, 57, E8, 8E, FC, FF, FF, 59, 8B, C7, 5F, 5D, C2, 04, 00, FF, 25, 2C, 74, 43, 00, FF, 25, 28, 74, 43, 00, 3B, 0D, 8C, 65, 44, 00, 75, 02, F3, C3, E9, 41, 07, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 51, 8D... 
[+]

Entropy:

4.7332

Code size:

215.5 KB (220,672 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

ACPW06EN

Command:

"C:\Program Files\acd systems\acdsee pro\6.0\acdseepro6intouch2.exe" \pid acpw06en

Scan acdseepro6intouch2.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.