blackelement.exe

GM15V2/GM15V3/GM15V4

DEXIN

It is set to execute automatically when any user logs into Windows, through the all-users Run registry key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run), under the name ‘Tt eSPORTS BLACK Element Gaming Mouse’.
Publisher:
Thermaltake (signed by DEXIN)

Product:
GM15V2/GM15V3/GM15V4

Description:
Thermaltake Gaming Mouse

Version:
1.0.0.1

MD5:
a8f3aa6a2e4ef74a3fdddbb826b84e3f

SHA-1:
b8907f87aedeaf6f47b31bd6a24f70f1b3e87bed

SHA-256:
326699a1d205386964d8338d306848988af187b52760f00989af3b8f112c3bdb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 3:35:08 AM UTC  (today)

File size:
17.5 MB (18,328,968 bytes)

Product version:
1.5.0.4

Copyright:
(c) <Thermaltake>. All rights reserved.

Original file name:
MS1.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\tt esports\tt esports black element\blackelement.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
5/26/2012 10:00:00 AM

Valid to:
3/6/2015 9:59:59 AM

Subject:
CN=DEXIN, OU=Research & Developement, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=DEXIN, L="Chung Ho City, Taipei County", S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
622C47C38CA306EB0ABF7F90EB635E6E

File PE Metadata
Compilation timestamp:
10/22/2012 4:10:14 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
393216:7Si82rrrUbbbErrrcbbbgrrrcbbbliiiMbbbgrrr8bbbgrrrbrrrMkkkDrrrcCC7:7Si82rrrUbbbErrrcbbbgrrrcbbbliit

Entry address:
0x122A90

Entry point:
E8, 04, 6D, 00, 00, E9, 89, FE, FF, FF, 3B, 0D, D0, D3, 59, 00, 75, 02, F3, C3, E9, 8B, 6D, 00, 00, 8B, FF, 51, C7, 01, 44, DA, 56, 00, E8, 83, 6E, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 56, 8B, F1, E8, E3, FF, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, F4, B7, F0, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 83, C1, 09, 51, 83, C0, 09, 50, E8, C1, 6E, 00, 00, F7, D8, 59, 1B, C0, 59, 40, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 83, EC, 20, 53, 57, 33, DB, 6A, 07, 33, C0, 59, 8D, 7D, E4, 89, 5D...
 

Entropy:
4.8464

Code size:
1.3 MB (1,338,880 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Tt eSPORTS BLACK Element Gaming Mouse

Command:
"C:\Program Files\tt esports\tt esports black element\blackelement.exe" \automation


The file blackelement.exe has been discovered within the following program.

Tt eSPORTS BLACK Element by Tt eSPORTS
About 1% of users remove it
 