» batpostm.exe
Overview
Analysis
File Details

batpostm.exe

BatPost

RITLABS S.R.L.

File name:

batpostm.exe

Publisher:

RITLABS S.R.L. (signed and verified)

Product:

BatPost

Description:

BatPost E-Mail Server by Ritlabs

Version:

3.01.002

MD5:

4acea9baafa448e90e115bddc442c216

SHA-1:

74f92217b17920f416a36e3b3ac9f26d9dda7091

SHA-256:

f8e65c599c1018dacd45de91d3e7a8af9344261d8b3bfce6598fa221c9d45993

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

5/7/2024 9:50:02 AM UTC (today)

Scan engine

Detection

Engine version

Emsisoft Anti-Malware

Trojan.JS.Agent.JBZ

8.15.12.12.03

File size:

438.8 KB (449,336 bytes)

Product version:

3.01.002

Original file name:

BatPost E-Mail Server by Ritlabs

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\batpost\batpostm.exe

Digital Signature

Signed by:

RITLABS S.R.L.

Authority:

VeriSign, Inc.

Valid from:

7/3/2009 3:00:00 AM

Valid to:

7/4/2012 2:59:59 AM

Subject:

CN=RITLABS S.R.L., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=RITLABS S.R.L., L=Chisinau, S=MD, C=MD

Issuer:

CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

4937EA1F1A1D047E261DACAD6990914C

File PE Metadata

Compilation timestamp:

6/13/2011 3:03:27 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:PSu8Oyc1q0+s5C9elsGb6e6rD0jeTOM0JGS6b7MP+Dd2t4:aa1q0+s09eCGbd6SeCPJO7MP+h2t4

Entry address:

0x1000

Entry point:

68, 01, 80, 4F, 00, E8, 01, 00, 00, 00, C3, C3, 93, 15, E3, 9F, 76, 94, 3E, DF, EE, 48, CC, 84, 42, F1, FE, 79, 80, 60, D1, 37, 7F, 60, 9A, 1C, C9, B9, BA, 0E, 44, 44, 95, B4, 9A, 71, 4D, C9, 9C, 29, B5, 51, 8D, 62, D0, CA, 56, 8D, 6A, E4, 68, 34, 1F, 65, 5F, F3, 29, 25, 8F, E5, C5, EC, A6, 27, 2C, 15, A1, AD, 22, BB, 87, 2F, 84, 69, EF, 9E, 78, 7D, 18, 65, 60, 7D, DE, 91, C3, B1, 1B, 95, 90, EA, B5, FC, 14, 84, B7, E7, 3F, E8, 8B, 23, 4B, 39, 94, 6C, B4, A2, A9, 05, 79, 9E, 3A, 61, EC, 67, F0, 65, 33, D4... 
[+]

Packer / compiler:

ASProtect v1.2x (New Strain)

Code size:

727 KB (744,448 bytes)

Scan batpostm.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.