home

beats64.exe

HP Beats

Integrated Device Technology Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘BeatsOSDApp’.
Publisher:
Hewlett-Packard   (signed by Integrated Device Technology Inc.)

Product:
HP Beats

Version:
1, 0, 5, 0

MD5:
4b10676b86c30aad1d397acf38a07a7a

SHA-1:
69dedc69ad01c80c8f62b19ead052de5d527bd23

SHA-256:
502b28a1470fcdc727b834e05b46a744917383371550f80a7b78c6168fc908b4

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/26/2024 1:54:40 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Patched.Gen
7.11.30.172

File size:
40.7 KB (41,664 bytes)

Product version:
1, 0, 5, 0

Copyright:
Copyright (C) 2010 Hewlett-Packard Company

Original file name:
Beats.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\idt\wdm\beats64.exe

Digital Signature
Signed by:
Integrated Device Technology Inc.

Authority:
VeriSign, Inc.

Valid from:
6/18/2012 7:00:00 PM

Valid to:
8/29/2014 6:59:59 PM

Subject:
CN=Integrated Device Technology Inc., OU=Audio PC/Notebook, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Integrated Device Technology Inc., L=San Jose, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
776DC63D75FDA37ED1F8FCC670A26EA6

File PE Metadata
Compilation timestamp:
8/22/2012 1:39:31 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
384:HpKhHrwFuaSWBBVPEE6JhSycYU5w3V+P6iSbXemBrrgSkQi0dl1o00g6g2WjbyOa:xuaSWB7jt5wgS7emBfwQJPG7GXyOSDeM

Entry address:
0x4AA8

Entry point:
48, 83, EC, 28, E8, 33, 03, 00, 00, 48, 83, C4, 28, E9, F6, FC, FF, FF, FF, 25, 18, 18, 00, 00, FF, 25, 1A, 18, 00, 00, CC, CC, 48, 89, 4C, 24, 08, 48, 81, EC, 88, 00, 00, 00, 48, 8D, 0D, 05, 49, 00, 00, FF, 15, DF, 15, 00, 00, 4C, 8B, 1D, F0, 49, 00, 00, 4C, 89, 5C, 24, 58, 45, 33, C0, 48, 8D, 54, 24, 60, 48, 8B, 4C, 24, 58, E8, AB, 03, 00, 00, 48, 89, 44, 24, 50, 48, 83, 7C, 24, 50, 00, 74, 41, 48, C7, 44, 24, 38, 00, 00, 00, 00, 48, 8D, 44, 24, 48, 48, 89, 44, 24, 30, 48, 8D, 44, 24, 40, 48, 89, 44, 24...
 
[+]

Entropy:
5.7963

Code size:
17.5 KB (17,920 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
BeatsOSDApp

Command:
C:\Program Files\idt\wdm\beats64.exe


Scan beats64.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.