home

BrCcBoot.exe

Brother ControlCenter

Brother Industries, Ltd.

This is a setup program which is used to install the application. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘ControlCenter4’. The file has been seen being downloaded from mail.one.com.
Publisher:
Brother Industries, Ltd.

Product:
Brother ControlCenter

Description:
ControlCenter Launcher

Version:
4, 1, 35, 1

MD5:
5d666fc778e7754cc7103402d814809b

SHA-1:
a42ab7edc3f3a3d6ed7e0c28671be7853d4f1d1f

SHA-256:
7e9b205b74440d455155014ee8d6fd0d1c647b016d72a28f16709f50bc005d3f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 4:02:05 AM UTC  (today)

File size:
140 KB (143,360 bytes)

Product version:
4, 1, 35, 1

Copyright:
Copyright(C) 2009-2012 Brother Industries, Ltd.

Original file name:
BrCcBoot.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\controlcenter4\brccboot.exe

File PE Metadata
Compilation timestamp:
9/6/2012 2:06:39 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:HMdFJmkypgFPIbVGRT/JIcitDoXBdJmltXO2M4uked:HMfckDtIbwrDC9/uf

Entry address:
0x8148

Entry point:
E8, 44, 4A, 00, 00, E9, 17, FE, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, A8, A4, 41, 00, 89, 0D, A4, A4, 41, 00, 89, 15, A0, A4, 41, 00, 89, 1D, 9C, A4, 41, 00, 89, 35, 98, A4, 41, 00, 89, 3D, 94, A4, 41, 00, 66, 8C, 15, C0, A4, 41, 00, 66, 8C, 0D, B4, A4, 41, 00, 66, 8C, 1D, 90, A4, 41, 00, 66, 8C, 05, 8C, A4, 41, 00, 66, 8C, 25, 88, A4, 41, 00, 66, 8C, 2D, 84, A4, 41, 00, 9C, 8F, 05, B8, A4, 41, 00, 8B, 45, 00, A3, AC, A4, 41, 00, 8B, 45, 04, A3, B0, A4, 41, 00, 8D, 45, 08, A3, BC, A4, 41, 00, 8B...
 
[+]

Code size:
76 KB (77,824 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ControlCenter4

Command:
C:\Program Files\controlcenter4\brccboot.exe \autorun


The file BrCcBoot.exe has been seen being distributed by the following URL.

https://mail.one.com/api/michael@seltab.se/mail/1/INBOX.Drafts/1367335292/2736/.../BrCcBoot.exe

Scan BrCcBoot.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.