home

BeTwinMessagesLog.exe

BeTwin 2000/XP/VS/ES

ThinSoft Pte Ltd

It runs as a separate (within the context of its own process) windows Service named “BeTwin Messages Log”.
Publisher:
ThinSoft Pte Ltd.  (signed by ThinSoft Pte Ltd)

Product:
BeTwin 2000/XP/VS/ES

Description:
BeTwin Messages Log

Version:
2.00 built by: WinDDK

MD5:
77ff288430efe44f1c5f52bcf891bf3e

SHA-1:
7b5c88a439b62844c1703e8b6d8c5cd6b11ed971

SHA-256:
273a401ca3b93e3c01d2ca46899da0002cb0893ccd6c9c8ed58a95a0918f431c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/16/2024 4:56:07 PM UTC  (today)

File size:
79.8 KB (81,736 bytes)

Product version:
2.00

Copyright:
Copyright (C) 2001-2013, ThinSoft Pte Ltd.

Original file name:
BeTwinMessagesLog.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\betwinmessageslog.exe

Digital Signature
Signed by:
ThinSoft Pte Ltd

Authority:
VeriSign, Inc.

Valid from:
2/19/2013 8:00:00 AM

Valid to:
4/21/2015 7:59:59 AM

Subject:
CN=ThinSoft Pte Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=ThinSoft Pte Ltd, L=Singapore, S=Singapore, C=SG

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
46AADB662627C0A42A02D7867ABE670C

File PE Metadata
Compilation timestamp:
11/22/2013 3:41:25 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
1536:W8UfOPB92nvZ0X2zWxNJbCp0iQ/1cjpT0OsUFu:W8UfOPCZwYEpf1+0OsUc

Entry address:
0x578C

Entry point:
E8, 50, 25, 00, 00, E9, 59, FE, FF, FF, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 53, 56, 8B, 75, 08, 57, 33, FF, 83, CB, FF, 3B, F7, 75, 1C, E8, 7A, 2A, 00, 00, 57, 57, 57, 57, 57, C7, 00, 16, 00, 00, 00, E8, 13, 2A, 00, 00, 83, C4, 14, 0B, C3, EB, 42, F6, 46, 0C, 83, 74, 37, 56, E8, B0, 27, 00, 00, 56, 8B, D8, E8, 72, 27, 00, 00, 56, E8, 35, 27, 00, 00, 50, E8, 1E, 26, 00, 00, 83, C4, 10, 85, C0, 7D, 05, 83, CB, FF, EB, 11, 8B, 46, 1C, 3B, C7, 74, 0A, 50, E8, 3A, 05, 00, 00, 59, 89, 7E, 1C, 89, 7E, 0C, 8B...
 
[+]

Entropy:
6.4324

Code size:
63 KB (64,512 bytes)

Service
Display name:
BeTwin Messages Log

Service name:
BeTwinMessagesLog

Type:
Win32OwnProcess


Scan BeTwinMessagesLog.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.