home

ActiveBooksAgent.exe

ActiveBooks Agent

Core Technologies Consulting, LLC

It runs as a separate (within the context of its own process) windows Service named “ActiveBooks Agent”.
Publisher:
Core Technologies Consulting, LLC  (signed and verified)

Product:
ActiveBooks Agent

Description:
Monitor your QuickBooks financials

Version:
6, 0, 3, 77

MD5:
c2ce44e6c74a071afe1666a06e4d1017

SHA-1:
630fa84defa411e5e0a80cc1614f287cb7aeef94

SHA-256:
3126f7a7eb95e88e445258b18dc0b69c6a5c7f23d1012de35d9c24b666ebedd8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 5:19:27 AM UTC  (today)

File size:
324.8 KB (332,592 bytes)

Product version:
6, 0, 3, 77

Copyright:
© 2009-2011, Core Technologies Consulting, LLC

Original file name:
ActiveBooksAgent.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\activebooks\activebooksagent.exe

Digital Signature
Signed by:
Core Technologies Consulting, LLC

Authority:
The USERTRUST Network

Valid from:
3/8/2009 8:00:00 PM

Valid to:
3/8/2012 6:59:59 PM

Subject:
CN="Core Technologies Consulting, LLC", O="Core Technologies Consulting, LLC", STREET=7028-B Thornhill Drive, L=Oakland, S=CA, PostalCode=94611, C=US

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
2403C7FF57D6E84A387FA919BF1F0B05

File PE Metadata
Compilation timestamp:
5/5/2011 4:07:46 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
6144:e2R6Ghbp6XRGmN98wR9xM+WRDbovY45ioelRNj+C3QK6Gc/hd7u:e21AGmNiwxDvfM/jzC1M

Entry address:
0x1000

Entry point:
B8, 34, 4F, 51, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, F2, 87, E2, 3F, 7D, EF, 6A, 68, 89, F2, F5, 27, 84, 03, AB, 3F, 49, C2, F3, DD, FD, C3, 88, 3A, B4, 41, 59, 46, 5F, 1A, BE, 10, 38, B6, 97, 2A, A7, F7, 8C, 87, C4, 0B, C8, F1, B5, 8B, 19, BA, 08, 60, 24, 9F, 0B, DD, CE, B3, DC, 0E, F3, CA, 98, D8, 4C, 29, 12, 95, 88, DC, 9B, D6, 28, BA, 72, 2A, 31, 8D, 1F, 43, 16, A2, B0, 33, 14, E5, 93, B0, 87, 37, 78, F4, 1F, 02, 87...
 
[+]

Entropy:
7.8527

Packer / compiler:
PECompact v2

Code size:
790 KB (808,960 bytes)

Service
Display name:
ActiveBooks Agent

Type:
Win32OwnProcess

Depends on:
lanmanworkstation Dnscache


Scan ActiveBooksAgent.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.