CertKeySvc.exe

The application CertKeySvc.exe by Eltwocompany has been detected as adware by 4 anti-malware scanners.
Publisher:
ELTWO  (signed by Eltwocompany)

Product:
CertKeySvc

Description:
ELTWO

Version:
1.0.0.1

MD5:
4ece80d354e6df69d56fec38b7887392

SHA-1:
4d62e247524030111f05c6d53eb5c5e564731880

SHA-256:
74c366c8f018ba87dcb8ee1a8477ffa744f3df53cfbf6ac3a9f14ac83d256ef2

Scanner detections:
4 / 68

Status:
Adware

Analysis date:
4/26/2024 4:21:08 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| nProtect | Adware/W32.Agent1.28016 | 14.01.10.01 |
| Reason Heuristics | PUP.Eltwocompany.K | 14.8.8.0 |
| Trend Micro House Call | TROJ_GEN.F47V1121 | 7.2.4 |
| ViRobot | Adware.CertKey.28016 | 2011.4.7.4223 |

File size:
27.4 KB (28,016 bytes)

Product version:
1.0.0.1

Copyright:
Copyright (C) 2013

Original file name:
CertKeySvc.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\syswow64\config\systemprofile\appdata\roaming\certkey\certkeysvc.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
9/17/2013 9:00:00 AM

Valid to:
10/18/2014 8:59:59 AM

Subject:
CN=Eltwocompany, O=Eltwocompany, L=Seocho-gu, S=SEOUL, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
2EDC6D113F1BCA68A7DF78E66DC81620

File PE Metadata
Compilation timestamp:
11/8/2013 3:31:51 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
768:2j6wOhrfpoVHwXWbkBlzyvI2SgOiK+XxUlSX:2OhoVQmVOcxUlS

Entry address:
0x30E7

Entry point:
E8, 97, 04, 00, 00, E9, B3, FD, FF, FF, 6A, 14, 68, C8, 47, 40, 00, E8, D3, 01, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81, 38, 63, 73, 6D, E0, 74, 0B, C7, 45, DC, 00, 00, 00, 00, 8B, 45, DC, C3, E8, E1, 04, 00, 00, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, C9, 01, 00, 00, C2, 10, 00, 6A, 0C, 68, E8, 47, 40, 00, E8, 75, 01, 00, 00, 83, 65, E4, 00, 8B, 75, 0C, 8B, C6, 0F, AF, 45...
 

Entropy:
6.0910

Code size:
11.5 KB (11,776 bytes)
