» AutomationWorkshopAgent.exe
Overview
Analysis
File Details
Behaviors (1)

AutomationWorkshopAgent.exe

Febooti Automation Workshop

Febooti, SIA

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Febooti Automation Workshop Agent’.

File name:

Publisher:

Febooti Software (signed by Febooti, SIA)

Product:

Febooti Automation Workshop

Description:

Febooti Automation Workshop Agent

Version:

1.3.1.0

MD5:

83524bd75eb893bc0dac9d8b49cdea1c

SHA-1:

ef29527fd1467853aae745f882d200c694fb84fc

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 5:45:12 PM UTC (today)

File size:

813.9 KB (833,480 bytes)

Product version:

1.3.1.0

Original file name:

AutomationWorkshopAgent.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\febooti automation workshop\automationworkshopagent.exe

Digital Signature

Signed by:

Febooti, SIA

Authority:

COMODO CA Limited

Valid from:

5/9/2012 5:30:00 AM

Valid to:

5/10/2014 5:29:59 AM

Subject:

CN="Febooti, SIA", O="Febooti, SIA", STREET=Citadeles 2, L=Riga, S=Riga, PostalCode=LV-1010, C=LV

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

74C21252838DAD6A35DB4530DB90617B

File PE Metadata

Compilation timestamp:

9/5/2012 1:07:40 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:80t0d4nZ2PWb3OxIpiUorFe2hq8FOgK+alF7I0fswxuhEjcxAw6I34iKi6fZ:8g0d4nKY2IZo5e2hzd10fswxu61w6viW

Entry address:

0xAB46

Entry point:

E8, F9, 4F, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, B4, 83, 42, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 9C, 81, 42, 00, C9, C2, 08, 00, 8B, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B, 5D, 0C, 8B, 6D, FC, 8B, 63... 
[+]

Entropy:

6.4890

Code size:

154 KB (157,696 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

Febooti Automation Workshop Agent

Command:

C:\Program Files\febooti automation workshop\automationworkshopagent.exe

Scan AutomationWorkshopAgent.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.