home

ActiveBooksServer.exe

ActiveBooks Server

Core Technologies Consulting, LLC

It runs as a separate (within the context of its own process) windows Service named “ActiveBooks Server”.
Publisher:
Core Technologies Consulting, LLC  (signed and verified)

Product:
ActiveBooks Server

Description:
Monitor your QuickBooks financials

Version:
15, 0, 8, 94

MD5:
1ea0b627d51f6cdea1729c042ae19302

SHA-1:
a2ed0dd7ac7f55bcc52ee83f33765a4b81182e3e

SHA-256:
70bd61ea4598d830e2842c3d47506610207917f88dcdd6e2ac209ee885827c25

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 1:21:46 PM UTC  (today)

File size:
881 KB (902,152 bytes)

Product version:
15, 0, 8, 94

Copyright:
© 2009-2015, Core Technologies Consulting, LLC

Original file name:
ActiveBooksServer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\activebooks\activebooksserver.exe

Digital Signature
Signed by:
Core Technologies Consulting, LLC

Authority:
COMODO CA Limited

Valid from:
3/8/2012 4:00:00 PM

Valid to:
3/9/2017 3:59:59 PM

Subject:
CN="Core Technologies Consulting, LLC", O="Core Technologies Consulting, LLC", STREET=7028-B Thornhill Drive, L=Oakland, S=CA, PostalCode=94611, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D00935DF99CBA1C55CAFE1BFAB858701

File PE Metadata
Compilation timestamp:
1/2/2015 1:07:03 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
24576:l3ElBDZ2jLfZv4scnelIBieRcU+CtIYl+Q:alcjlgLnviucU+hYl+Q

Entry address:
0x1000

Entry point:
B8, CC, F6, 70, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 48, 9F, 1A, 43, 03, BE, 3A, 4F, 6D, 98, AC, EE, AF, 88, BE, 9C, 30, A4, 76, 92, EC, 2C, 9A, 31, 13, C2, 0A, 1F, 5F, 21, E9, E6, 26, E6, CC, 67, 26, 9C, 43, F9, 6D, 32, 8D, EC, 36, 48, 9A, 4B, 9F, 35, C3, 20, 63, E8, F5, CD, 53, C8, 1E, 2B, 78, E2, 13, D8, 1B, DB, 49, 8F, BC, 69, 55, C5, 33, 65, 57, 90, 87, 88, 2B, F5, 56, 82, 11, 2F, BC, 6C, 8F, B8, ED, 58, D5, AE, 37...
 
[+]

Entropy:
7.9744

Packer / compiler:
PECompact v2

Code size:
2.3 MB (2,365,440 bytes)

Service
Display name:
ActiveBooks Server

Description:
ActiveBooks service

Type:
Win32OwnProcess

Depends on:
lanmanworkstation Dnscache


Scan ActiveBooksServer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.