home

ccApp.exe

Client and Host Security Platform

Symantec Corporation

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘ccApp’.
Publisher:
Symantec Corporation  (signed and verified)

Product:
Client and Host Security Platform

Description:
Symantec User Session

Version:
103.0.6.5

MD5:
16df4b63ed3bc258d974fb11fc4122e0

SHA-1:
65267807087460e047692393a904234ca7ccb526

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 1:50:16 PM UTC  (today)

File size:
57.7 KB (59,040 bytes)

Product version:
103.0.6.5

Copyright:
Copyright (c) 2000-2004 Symantec Corporation. All rights reserved.

Original file name:
ccApp.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\common files\symantec shared\ccapp.exe

Digital Signature
Signed by:
Symantec Corporation

Authority:
VeriSign, Inc.

Valid from:
10/27/2005 9:00:00 AM

Valid to:
11/25/2006 8:59:59 AM

Subject:
CN=Symantec Corporation, OU=Symantec Research Labs, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Symantec Corporation, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
035F9A870E1DCB22429E23C72621C313

File PE Metadata
Compilation timestamp:
12/21/2005 10:50:22 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
768:V+qrvmPVD5k9IK5hOjg6t4yf+wgQKIei8fwgFhCHy/9EQK2AL3JQbAI:4HP0+Gu4yWwPKNfw+BF9K2Amp

Entry address:
0x579D

Entry point:
6A, 74, 68, 70, 82, 40, 00, E8, 3F, 02, 00, 00, 33, DB, 89, 5D, E0, 53, 8B, 3D, 64, 70, 40, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03, C8, 81, 39, 50, 45, 00, 00, 75, 12, 0F, B7, 41, 18, 3D, 0B, 01, 00, 00, 74, 1F, 3D, 0B, 02, 00, 00, 74, 05, 89, 5D, E4, EB, 27, 83, B9, 84, 00, 00, 00, 0E, 76, F2, 33, C0, 39, 99, F8, 00, 00, 00, EB, 0E, 83, 79, 74, 0E, 76, E2, 33, C0, 39, 99, E8, 00, 00, 00, 0F, 95, C0, 89, 45, E4, 89, 5D, FC, 6A, 02, FF, 15, C4, 70, 40, 00, 59, 83, 0D, 74, A2, 40, 00, FF, 83...
 
[+]

Entropy:
5.3683

Developed / compiled with:
Microsoft Visual C++ v7.1

Code size:
24 KB (24,576 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ccApp

Command:
"C:\Program Files\common files\symantec shared\ccapp.exe"


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.