» awtask.exe
Overview
Analysis
File Details
Behaviors (1)

awtask.exe

Trauma Zer0

Aleste Participacoes e Empreendimentos Ltda

It runs as a separate (within the context of its own process) windows Service named “Network Agent Self Protect Tz0”.

File name:

awtask.exe

Publisher:

Aleste Technology (signed by Aleste Participacoes e Empreendimentos Ltda)

Product:

Trauma Zer0

Description:

Trauma Zer0 Protection Engine

Version:

2.2.5.0

MD5:

e6cc843c3858843ceb287c29e8707706

SHA-1:

bc802f9b4ab870cf9542f356868ea722381c6f5c

SHA-256:

b0ad1b28ed1a3dd2a2b4b1c3e9b993b880d73a5a5f570335d9318dfa96ca17e4

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/25/2024 5:01:10 AM UTC (today)

Scan engine

Detection

Engine version

VIPRE Antivirus

Threat.4657539

40824

File size:

4.7 MB (4,950,888 bytes)

Product version:

2.0.0.0

Aleste Technology

Trademarks:

Aleste Technology

Original file name:

awtask.exe

File type:

Executable application (Win64 EXE)

Language:

English (United States)

Common path:

C:\windows\networkclient\awtask.exe

Digital Signature

Signed by:

Aleste Participacoes e Empreendimentos Ltda

Authority:

VeriSign, Inc.

Valid from:

1/13/2013 10:00:00 PM

Valid to:

3/15/2014 8:59:59 PM

Subject:

CN=Aleste Participacoes e Empreendimentos Ltda, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Aleste Participacoes e Empreendimentos Ltda, L=Montenegro, S=Rio Grande do Sul, C=BR

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

320C63DB3AEE1845C496DDB7E2380D06

File PE Metadata

Compilation timestamp:

10/17/2013 4:51:09 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

49152:AZ7/n2Byojk/JNT9kE+VG5GJNosU1cRJXIS4+j68ifeDjLphtsJS/OLXGo4LQ3o3:RNlU1ccm6z+aGH5

Entry address:

0x2A4B00

Entry point:

55, 53, 48, 83, EC, 28, 48, 8B, EC, 90, 48, 8D, 0D, B7, 21, FF, FF, E8, 7A, E2, D6, FF, 48, 8D, 0D, AF, 00, 00, 00, E8, 1E, 7D, FB, FF, 84, C0, 75, 09, E8, 95, 24, D6, FF, 85, C0, 7E, 52, 48, 8B, 05, 3A, 9A, 03, 00, 48, 8B, 00, 48, 89, C1, 48, 8B, 18, FF, 93, 88, 00, 00, 00, 48, 8B, 05, 24, 9A, 03, 00, 48, 8B, 00, 48, 89, C1, 48, 8B, 15, 87, 17, FF, FF, 4C, 8B, 05, 58, 9E, 03, 00, 48, 8B, 18, FF, 93, 80, 00, 00, 00, 48, 8B, 05, 00, 9A, 03, 00, 48, 8B, 00, 48, 89, C1, 48, 8B, 18, FF, 93, 90, 00, 00, 00, EB... 
[+]

Code size:

2.6 MB (2,767,872 bytes)

Service

Display name:

Network Agent Self Protect Tz0

Service name:

AwtaskService

Description:

Guardian objects protocols to manage Tz0 engine

Type:

Win32OwnProcess

Scan awtask.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.