home

AtrioSide.exe

おすすめメニューNavi

NEC Personal Computers, Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘AtrioSide’.
Publisher:
NEC Personal Computers, Ltd.  (signed and verified)

Product:
おすすめメニューNavi

Version:
2.0.1.1

MD5:
64b6cf0df0644237a0f068dc59542169

SHA-1:
9c18e885ffe99d2e35956c9a025b33a9812b71b0

SHA-256:
dca71f688215a84ac68ef5a0aa08a59b3fc316ed907911f75ac3bfc79a1e4f54

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 11:30:33 AM UTC  (today)

File size:
1.1 MB (1,159,536 bytes)

Product version:
2.0.1.1

Copyright:
Copyright (C) NEC Personal Computers, Ltd. 2011-2013

Original file name:
AtrioSide.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\nec\atrioside\atrioside.exe

Digital Signature
Signed by:
NEC Personal Computers, Ltd.

Authority:
VeriSign, Inc.

Valid from:
5/24/2013 9:00:00 AM

Valid to:
6/13/2014 8:59:59 AM

Subject:
CN="NEC Personal Computers, Ltd.", OU=PDD3, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="NEC Personal Computers, Ltd.", L=Shinagawa-ku, S=Tokyo, C=JP

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
01A96959CA187E666DB195ECBC99A549

File PE Metadata
Compilation timestamp:
6/21/2013 6:05:34 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:o613ums4fLCgQzl/qxgJpks4WwG+zTxmqvc3GU5tp+2/ufLCgQzAA:oq3ucCl/gcghRvozgCAA

Entry address:
0xD23DE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, 90, 00, 00, 80, 10, 00, 00, 00, A8, 00, 00, 80, 18, 00, 00, 00, C0, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 0A, 00, 02, 00, 00, 00, D8, 00, 00, 80, 03, 00, 00, 00, F0, 00, 00, 80, 04, 00, 00, 00, 08, 01, 00, 80, 05, 00, 00, 00, 20, 01...
 
[+]

Entropy:
6.5891

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
833 KB (852,992 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
AtrioSide

Command:
"C:\Program Files\nec\atrioside\atrioside.exe" \autorun


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.