home

activexclock64.exe

ActiveX Clock

David Jorge Aguirre-Grazio

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘ActiveXClock’.
Publisher:
Mc & RENOX technologies - www.mcrenox.com.ar  (signed by David Jorge Aguirre-Grazio)

Product:
ActiveX Clock

Description:
ActiveX Clock (64bit)

Version:
1.7.0.0

MD5:
c8a59d241974cc14d880ef99cb70ec31

SHA-1:
fbe93c39bdcccf4e2d64e50d4a27cdd221350ab7

SHA-256:
49579844b1a3e64e21c7171eb14c2ab5f6735e222c9cd06e162d072e091803c8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 2:47:13 AM UTC  (today)

File size:
4.9 MB (5,110,016 bytes)

Product version:
1.7.0.0

Copyright:
Copyright © 2010-2012 by Mc & RENOX

Trademarks:
Mc & RENOX technologies - www.mcrenox.com.ar

Original file name:
ActiveXClock.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Digital Signature
Signed by:
David Jorge Aguirre-Grazio

Authority:
DigiCert Inc

Valid from:
5/1/2011 9:00:00 PM

Valid to:
5/9/2012 9:00:00 AM

Subject:
CN=David Jorge Aguirre-Grazio, O=David Jorge Aguirre-Grazio, L=San Miguel de Tucuman, S=Tucumán, C=AR

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
050FD7779CDDAE4280A7A65A245C2A06

File PE Metadata
Compilation timestamp:
12/14/2011 8:50:52 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:bbuNP3+YGdo5nJSyZQHGcnT5A29ITZpDfwgR9ShluCpW6fZ0EoTLnMmxG:lGNWT5AhP5nho

Entry address:
0x1D6360

Entry point:
55, 48, 83, EC, 20, 48, 8B, EC, 90, 48, 8D, 0D, C8, 46, FF, FF, E8, 4B, A6, E3, FF, 48, 33, C9, 83, CA, FF, 4C, 8D, 05, DE, 00, 00, 00, E8, 09, F2, E3, FF, 48, 89, 05, A2, 37, 03, 00, 48, 83, 3D, 9A, 37, 03, 00, 00, 75, 11, 48, 8D, 0D, F9, 00, 00, 00, E8, 3C, 6B, F4, FF, E8, 37, 42, E3, FF, E8, E2, F3, E3, FF, 81, F8, B7, 00, 00, 00, 75, 11, 48, 8D, 0D, 23, 01, 00, 00, E8, 1E, 6B, F4, FF, E8, 19, 42, E3, FF, 48, 8B, 05, 9A, 96, 02, 00, 48, 8B, 08, E8, 6A, 0D, FD, FF, 48, 8B, 05, 8B, 96, 02, 00, 48, 8B, 08...
 
[+]

Code size:
1.8 MB (1,922,560 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ActiveXClock

Command:
C:\desktop\documents\nova pasta \activexclock64.exe \autorun


Scan activexclock64.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.