» aicmenu.exe
Overview
Analysis
File Details
Behaviors (1)

aicmenu.exe

ANTAMEDIA

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘AntamediaCafeClientM’.

File name:

aicmenu.exe

Publisher:

ANTAMEDIA (signed and verified)

Version:

7.6.0.0

MD5:

05ed896ec602ffd2be782f2228f0effb

SHA-1:

a864c92d2f34efb3d6587bf0d5f9dfd56bf0ebc6

SHA-256:

a396e15c46ae944eea02dcf5e640d02d216cf163fa5196008b5731c911edc1bf

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/16/2024 10:12:34 AM UTC (today)

File size:

2.8 MB (2,957,280 bytes)

Product version:

Antamedia

Trademarks:

Antamedia

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Digital Signature

Signed by:

ANTAMEDIA

Authority:

COMODO CA Limited

Valid from:

2/8/2013 8:00:00 AM

Valid to:

2/9/2016 7:59:59 AM

Subject:

CN=ANTAMEDIA, O=ANTAMEDIA, STREET=Nebojsina 30, L=Belgrade, S=Outside United States, PostalCode=11000, C=RS

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00DAA5714BF6FA8467D3EAA6B6F7EFCD46

File PE Metadata

Compilation timestamp:

10/9/2013 5:48:24 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:MjlNPLOjIUjnLvoFNlx+Dac1GhY/jpcI4wQ3/aghGlQTTXOzQHaiiBs:M3PjikFDmohY/jpcI4wi/aUIwjaiiBs

Entry address:

0x247870

Entry point:

55, 8B, EC, 83, C4, F0, B8, 54, 57, 64, 00, E8, C0, 08, DC, FF, A1, 38, 43, 66, 00, 8B, 00, 8B, 40, 30, BA, 01, 00, 00, 00, E8, D0, DA, FF, FF, 84, C0, 0F, 85, 8F, 00, 00, 00, E8, B3, DD, FF, FF, A1, 38, 43, 66, 00, 8B, 00, E8, D3, 65, E9, FF, A1, 38, 43, 66, 00, 8B, 00, BA, 38, 79, 64, 00, E8, 7A, 60, E9, FF, A1, 38, 43, 66, 00, 8B, 00, 33, D2, E8, 9C, 84, E9, FF, A1, 38, 43, 66, 00, 8B, 00, C6, 40, 5B, 00, 8B, 0D, 64, 3E, 66, 00, A1, 38, 43, 66, 00, 8B, 00, 8B, 15, 10, BF, 62, 00, E8, A9, 65, E9, FF, 8B... 
[+]

Entropy:

6.6573

Developed / compiled with:

Microsoft Visual C++

Code size:

2.3 MB (2,386,432 bytes)

Startup File (User Run)

Registry location:

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

AntamediaCafeClientM

Command:

C:\antamedia\internet cafe\aicmenu.exe

Scan aicmenu.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.