home

callregistercomponent.exe

Unistal Systems Pvt. Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘UBSuiteRTS_reg’.
Publisher:
Unistal Systems Pvt. Ltd.  (signed and verified)

MD5:
eeb4b21f4a82e0b9a6824e4b8f917a6a

SHA-1:
2f23f755fbda51958ee99bf39145712bc0079685

SHA-256:
0307cb043e0fda3f6329808e44f51b251e3947993d23225a984e1f59131ad6b0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 2:25:12 PM UTC  (today)

File size:
51.3 KB (52,528 bytes)

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
Unistal Systems Pvt. Ltd.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
2/26/2007 4:00:00 AM

Valid to:
2/27/2008 3:59:59 AM

Subject:
CN=Unistal Systems Pvt. Ltd., OU=Secure Application Development, O=Unistal Systems Pvt. Ltd., L=New Delhi, S=Delhi, C=IN

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
50634830085D5CE98ACBDC89B2DDE688

File PE Metadata
Compilation timestamp:
3/6/2007 3:40:21 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
768:ARaHqunH47Wz8SOOHqveIM/x+3rPPw+VcKIEtOJDnN:AdmBz8SHYGaPBVhtanN

Entry address:
0x1517

Entry point:
E8, 2A, 18, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, D8, AE, 40, 00, 89, 0D, D4, AE, 40, 00, 89, 15, D0, AE, 40, 00, 89, 1D, CC, AE, 40, 00, 89, 35, C8, AE, 40, 00, 89, 3D, C4, AE, 40, 00, 66, 8C, 15, F0, AE, 40, 00, 66, 8C, 0D, E4, AE, 40, 00, 66, 8C, 1D, C0, AE, 40, 00, 66, 8C, 05, BC, AE, 40, 00, 66, 8C, 25, B8, AE, 40, 00, 66, 8C, 2D, B4, AE, 40, 00, 9C, 8F, 05, E8, AE, 40, 00, 8B, 45, 00, A3, DC, AE, 40, 00, 8B, 45, 04, A3, E0, AE, 40, 00, 8D, 45, 08, A3, EC, AE, 40, 00, 8B...
 
[+]

Entropy:
5.8465

Code size:
28 KB (28,672 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
UBSuiteRTS_reg

Command:
C:\unistal\ubsuite\common files\callregistercomponent.exe


Scan callregistercomponent.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.