home

ccsvhost.exe

proTymTin

Technical and Commercial Consulting Pvt. Ltd.

Publisher:
Technical and Commercial Consulting Pvt. Ltd.  (signed and verified)

Product:
proTymTin

Version:
1.00

MD5:
8856bbced19b5b09677f764f1be11d1f

SHA-1:
95de38deb7876d2b539a8ecec3a731b6c23fae11

SHA-256:
2e223360253ab196d2b25391b4470d23c39f6ad9d45a97cd2b0c508c2d8194aa

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/18/2024 3:34:58 PM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Trojan.VbCrypt.8
9.0.1.05190

ESET NOD32
Win32/Spy.KeyLogger.NZL trojan
8.0.319.0

File size:
157.9 KB (161,680 bytes)

Product version:
1.00

Original file name:
Tymxanzanoomx.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\Application data\ccsvhost.exe

Digital Signature
Signed by:
Technical and Commercial Consulting Pvt. Ltd.

Authority:
VeriSign, Inc.

Valid from:
11/22/2011 2:00:00 AM

Valid to:
11/22/2012 1:59:59 AM

Subject:
CN=Technical and Commercial Consulting Pvt. Ltd., OU=TCCPL, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Technical and Commercial Consulting Pvt. Ltd., L=New Delhi, S=Delhi, C=IN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4BF1D68E926E2DD8966008C44F95EA1C

File PE Metadata
Compilation timestamp:
1/13/2012 1:27:13 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:/CnDj2HnulOUpjJcpcY7J1Nv9t5lZ/CpPgtKPSVDFZ/g2Qd:anDj2Hn8OUpjJcpHJ1Nv9t5D/DZ36

Entry address:
0x1BD4

Entry point:
68, C0, 1D, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, C6, 77, 07, A8, 75, 3D, CE, 43, 9D, BB, 8D, A6, 38, 7C, 7D, 67, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 47, 7B, 30, 30, 30, 32, 70, 72, 6F, 54, 79, 6D, 54, 69, 6E, 00, 30, 30, 30, 30, 2D, 43, 00, 00, 00, 00, FF, CC, 31, 00, 04, 11, 2D, 21, 47, B9, 8E, 0F, 40, 95, AB, 64, 2A, EA, 1A, 8A, 10, 44, FB, 31, 4D, 2F, 77, 92, 47, 8F, 15, 6F, BB, 3E, AB, AC, BC, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
4.1800

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
140 KB (143,360 bytes)

Scan ccsvhost.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.