home

ActiveBooksServer.exe

ActiveBooks Server

Core Technologies Consulting, LLC

It runs as a separate (within the context of its own process) windows Service named “ActiveBooks Server”.
Publisher:
Core Technologies Consulting, LLC  (signed and verified)

Product:
ActiveBooks Server

Description:
Monitor your QuickBooks financials

Version:
16, 1, 1, 73

MD5:
31a6023110285547148deb7f80bc4406

SHA-1:
a8b7ce741aa7f056acb5e29ce59e26a4adfb7e89

SHA-256:
31ae8d18ce55ceade556630ec64da9472e2ac8371bffbd4034183e00ec4184ef

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/3/2024 1:07:38 PM UTC  (today)

File size:
993.9 KB (1,017,752 bytes)

Product version:
16, 1, 1, 73

Copyright:
© 2009-2016, Core Technologies Consulting, LLC

Original file name:
ActiveBooksServer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\active book\activebooks\activebooksserver.exe

Digital Signature
Signed by:
Core Technologies Consulting, LLC

Authority:
COMODO CA Limited

Valid from:
2/14/2016 6:00:00 AM

Valid to:
3/10/2017 5:59:59 AM

Subject:
CN="Core Technologies Consulting, LLC", O="Core Technologies Consulting, LLC", STREET=7028-B Thornhill Drive, L=Oakland, S=CA, PostalCode=94611, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00BB212D4EFC5FDBBE50E15671E4BB9B64

File PE Metadata
Compilation timestamp:
3/5/2016 1:00:33 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
24576:KPOxPMQAYHQaHr9+29I+yhc2EUvC9O5UzEe61EqVG5H:KOAYXH8KyrhUzEe61EqVG5H

Entry address:
0x1000

Entry point:
B8, 3C, 77, 75, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 95, 59, 00, 2A, 16, EC, 17, FB, C1, 0D, 75, AA, 5C, 5F, 77, F0, DD, AF, B3, 04, 03, C7, EC, 4E, 75, 35, F8, AD, 6F, F0, E8, 72, 23, 5C, E3, 14, A4, EA, 6B, 5E, DD, 07, 9D, C3, 94, 36, CD, 0A, 14, 60, 25, 40, 7F, 46, 90, A3, 18, 3B, 4E, CD, 23, 3A, 10, 47, 71, E8, 4B, 34, 8E, 42, F8, 72, 7D, BB, C0, A5, AC, 9B, D1, C0, 90, 8A, 8A, FF, 4D, 7D, B1, 8D, 12, A8, F7, AA, 2B...
 
[+]

Entropy:
7.9791

Packer / compiler:
PECompact v2

Code size:
2.5 MB (2,588,160 bytes)

Service
Display name:
ActiveBooks Server

Description:
ActiveBooks service

Type:
Win32OwnProcess

Depends on:
lanmanworkstation Dnscache


Scan ActiveBooksServer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.