» clearamcache64.exe
Overview
Analysis
File Details
Behaviors (1)

clearamcache64.exe

Osprey capture drivers and utilities.

ViewCast.com, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘ClearAMCache’.

File name:

clearamcache64.exe

Publisher:

Osprey Technologies, a division of ViewCast Corporation. (signed by ViewCast.com, Inc.)

Product:

Osprey capture drivers and utilities.

Description:

ClearAMCache Console Application

Version:

4.5.0.89

MD5:

26a2eec17a55b2988f2b1a41d522fd6b

SHA-1:

f9f3dbb86080e79a4f495cd30c214ba640926b42

SHA-256:

5ea98e212139513cf4f90471dab502e6a0f1f9d25316d70f30b711e73f47ff5d

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/27/2024 2:48:58 AM UTC (today)

File size:

33.6 KB (34,360 bytes)

Product version:

4.5.0.89

Trademarks:

Original file name:

ClearAMCache.exe

File type:

Executable application (Win64 EXE)

Common path:

C:\Program Files\viewcast\osprey avstream\clearamcache64.exe

Digital Signature

Signed by:

ViewCast.com, Inc.

Authority:

VeriSign, Inc.

Valid from:

6/11/2012 9:00:00 AM

Valid to:

6/12/2013 8:59:59 AM

Subject:

CN="ViewCast.com, Inc.", OU="Osprey Technologies, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="ViewCast.com, Inc.", L=Plano, S=Texas, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

28048B2DE334EF4CA9D44430E6A7554E

File PE Metadata

Compilation timestamp:

7/7/2012 12:20:02 AM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows Console

Linker version:

9.0

CTPH (ssdeep):

384:Y/E5mA/vNy5rb03aWAPu7B+Bo/6j183mirILjp1W6jOZ5eM9:Y/emA/ly5rYaWFo6ij1nIILSmc

Entry address:

0x15E0

Entry point:

48, 83, EC, 28, E8, DB, 03, 00, 00, 48, 83, C4, 28, E9, 86, FD, FF, FF, CC, CC, 48, 89, 4C, 24, 08, 48, 81, EC, 88, 00, 00, 00, 48, 8D, 0D, E9, 1A, 00, 00, FF, 15, 43, 0A, 00, 00, 4C, 8B, 1D, D4, 1B, 00, 00, 4C, 89, 5C, 24, 58, 45, 33, C0, 48, 8D, 54, 24, 60, 48, 8B, 4C, 24, 58, E8, 71, 04, 00, 00, 48, 89, 44, 24, 50, 48, 83, 7C, 24, 50, 00, 74, 41, 48, C7, 44, 24, 38, 00, 00, 00, 00, 48, 8D, 44, 24, 48, 48, 89, 44, 24, 30, 48, 8D, 44, 24, 40, 48, 89, 44, 24, 28, 48, 8D, 05, 94, 1A, 00, 00, 48, 89, 44, 24... 
[+]

Entropy:

5.4487

Code size:

3 KB (3,072 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

ClearAMCache

Command:

C:\Program Files\viewcast\osprey avstream\clearamcache64.exe

Scan clearamcache64.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.