» bvckup2.exe
Overview
Analysis
File Details
Behaviors (1)

bvckup2.exe

Bvckup 2

Pipemetrics SA

It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in.

File name:

bvckup2.exe

Publisher:

Pipemetrics SA (signed and verified)

Product:

Bvckup 2

Version:

1.74.11.0

MD5:

e06ec8e11c54a334152e43bbfa0d600c

SHA-1:

fba3223b7b4d0ff08a7c06f2f9134e1a48b2ca2e

SHA-256:

6d0faed023caa6c024827be9f4dce506fd27a7ab6e23081fcb1dbd08f48b5079

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/24/2024 10:14:02 PM UTC (today)

File size:

782.6 KB (801,360 bytes)

Product version:

1.74.11.0

File type:

Executable application (Win64 EXE)

Language:

English

Common path:

C:\Program Files\bvckup 2\bvckup2.exe

Digital Signature

Signed by:

Pipemetrics SA

Authority:

DigiCert Inc

Valid from:

4/3/2014 7:00:00 PM

Valid to:

4/8/2016 7:00:00 AM

Subject:

CN=Pipemetrics SA, O=Pipemetrics SA, L=Lausanne, S=Vaud, C=CH

Issuer:

CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

0878B28E326EE341BF19B4C104BBF45F

File PE Metadata

Compilation timestamp:

7/6/2015 3:36:37 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

12288:yFrSpsohVsqudPMDVj/n0tLOlsQSxcj7cPNDxjdNprJNXu3m4ogoa/If3qqmtk5L:AepjthVL0tLzdDFdNB6FoTXfaHe5

Entry address:

0x208F80

Entry point:

53, 56, 57, 55, 48, 8D, 35, 75, F0, F5, FF, 48, 8D, BE, 00, 90, E9, FF, 57, B8, 56, 60, 20, 00, 50, 48, 89, E1, 48, 89, FA, 48, 89, F7, BE, 79, 0F, 0A, 00, 55, 48, 89, E5, 44, 8B, 09, 49, 89, D0, 48, 89, F2, 48, 8D, 77, 02, 56, 8A, 07, FF, CA, 88, C1, 24, 07, C0, E9, 03, 48, C7, C3, 00, FD, FF, FF, 48, D3, E3, 88, C1, 48, 8D, 9C, 5C, 88, F1, FF, FF, 48, 83, E3, C0, 6A, 00, 48, 39, DC, 75, F9, 53, 48, 8D, 7B, 08, 8A, 4E, FF, FF, CA, 88, 47, 02, 88, C8, C0, E9, 04, 88, 4F, 01, 24, 0F, 88, 07, 48, 8D, 4F, FC... 
[+]

Entropy:

7.9245 (probably packed)

Code size:

648 KB (663,552 bytes)

Scheduled Task

Task name:

Bvckup 2

Trigger:

Logon (Runs on logon)

Description:

Starts Bvckup at log on

Scan bvckup2.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.