home

Clnmbrs.exe

Zemana AntiLogger

Zemana Information Technologies Industry Limited

Publisher:
Zemana Ltd.  (signed by Zemana Information Technologies Industry Limited)

Product:
Zemana AntiLogger

Description:
AntiLogger System Call Monitor

Version:
1.1.2.33

MD5:
d954eb3ec8166e92121782df8c4de1e8

SHA-1:
48cb34ff3846b6587ec0d560cb6756f0c8014a26

SHA-256:
ecdbc99971003a341df2a62c84a02d5aad0add624341a8e765c2f56c1ad6d69b

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/19/2024 1:50:48 PM UTC  (today)

Scan engine
Detection
Engine version

Norman
W32/Obfuscated.R
11.20141112

File size:
130.9 KB (134,000 bytes)

Product version:
1.1.2.0

Copyright:
© Zemana Ltd. All rights reserved.

Trademarks:
AntiLogger(tm) is a trademark of Zemana Ltd.

Original file name:
Clnmbrs.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\data\offline\44b80218\4acd94d1\clnmbrs.exe

Digital Signature
Signed by:
Zemana Information Technologies Industry Limited

Authority:
VeriSign, Inc.

Valid from:
11/28/2008 1:00:00 AM

Valid to:
12/4/2009 12:59:59 AM

Subject:
CN=Zemana Information Technologies Industry Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Zemana Information Technologies Industry Limited, L=Istanbul, S=Uskudar, C=TR

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2AE026D2DAB457835BC5A9E9428B99F0

File PE Metadata
Compilation timestamp:
10/24/2008 12:28:29 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
3072:kYYngBFfqmA4/MpEAMtVYYYYYYRYYYdYYYyYtY0Ydp6:DYgnSmVzKQ

Entry address:
0x1000

Entry point:
EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, 40, A1, 40, 00, A1, 33, A1, 40, 00, C1, E0, 02, A3, 37, A1, 40, 00, 52, 6A, 00, E8, B7, 8C, 00, 00, 8B, D0, E8, EE, 1F, 00, 00, 5A, E8, F0, 12, 00, 00, E8, E7, 1F, 00, 00, 6A, 00, E8, 7C, 2C, 00, 00, 59, 68, DC, A0, 40, 00, 6A, 00, E8, 91, 8C, 00, 00, A3, 3B, A1, 40, 00, 6A, 00, E9, 8B, 6B, 00, 00, E9, AA, 2C, 00, 00, 33, C0, A0, 25, A1, 40, 00, C3, A1, 3B, A1, 40, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9, A4, 00, 00, 00, 0B, C9...
 
[+]

Code size:
36 KB (36,864 bytes)

Scan Clnmbrs.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.