home

ClamSentinel.exe

Clam Sentinel

Andrea Russo - Italy

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Clam Sentinel’.
Publisher:
Andrea Russo - Italy

Product:
Clam Sentinel

Version:
1.21.0.0

MD5:
2f9fc3e468e16c128787d10ec8617357

SHA-1:
b9dd8fadbde9c5a6745a3bdddbd1ad948d06267c

SHA-256:
e8ecc27fa754d4e012a6cc7235817ef93e8192d14239fd7ca8d86dd23a73121e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/28/2024 12:09:12 PM UTC  (today)

File size:
721 KB (738,304 bytes)

Product version:
1.21

Copyright:
Andrea Russo - Italy

Original file name:
ClamSentinel.exe

File type:
Executable application (Win32 EXE)

Language:
Italian (Italy)

Common path:
C:\Program Files\clamsentinel\clamsentinel.exe

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:8B93iMqVVDbYyEPWnYeyQyliDwiRkbgjbb5mfxe3SW:I3EDbCWYeAs3RkkL5fv

Entry address:
0x97BB0

Entry point:
55, 8B, EC, 83, C4, EC, 53, 33, C0, 89, 45, EC, B8, 68, 79, 49, 00, E8, 1E, F5, F6, FF, 33, C0, 55, 68, 3A, 7D, 49, 00, 64, FF, 30, 64, 89, 20, C6, 05, 74, B3, 49, 00, 01, A1, 34, 92, 49, 00, 8B, 00, E8, F9, C1, FC, FF, A1, 34, 92, 49, 00, 8B, 00, BA, 50, 7D, 49, 00, E8, F4, BD, FC, FF, 6A, 00, 68, 60, 7D, 49, 00, E8, 3C, FD, F6, FF, 85, C0, 74, 14, 6A, 00, 68, 70, 7D, 49, 00, E8, 2C, FD, F6, FF, 85, C0, 0F, 86, EE, 00, 00, 00, 8D, 55, EC, B8, 84, 7D, 49, 00, E8, 53, EA, FF, FF, 8B, 4D, EC, B2, 01, A1, 74...
 
[+]

Entropy:
6.5947

Developed / compiled with:
Microsoft Visual C++

Code size:
603.5 KB (617,984 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Clam Sentinel

Command:
C:\Program Files\clamsentinel\clamsentinel.exe


Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Clam Sentinel

Command:
"C:\Program Files\clamsentinel\clamsentinel.exe"


Scan ClamSentinel.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.