» close.exe
Overview
Analysis
File Details
Programs (1)

close.exe

Cloud OC Program

Giga-Byte Technology

File name:

close.exe

Publisher:

Giga-Byte Technology (signed and verified)

Product:

Cloud OC Program

Version:

1, 0, 0, 1

MD5:

5e446ca66c31bf3b3b06e8bcea1d4e12

SHA-1:

3b46ce00440f0480946e45da1a75feb9d7c8bd8a

SHA-256:

c0fe24b3dba77ba638bdb7ee16f35747dbc7593923f65d4ac2b91491a5f5fca4

Scanner detections:

7 / 68

Status:

Clean (7 possible false positive detections)

Analysis date:

4/24/2024 11:57:18 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

AhnLab V3 Security

Malware/Win32.Generic

2010.08.08

Avira AntiVirus

TR/Agent.219688.1

8.2.4.34

Bitdefender

DeepScan:Generic.Malware.P!Pk.410295D9

1.0.20.125

Comodo Security

UnclassifiedMalware

5677

F-Secure

DeepScan:Generic.Malware.P!Pk.410295D9

11.2014-25-01_7

G Data

DeepScan:Generic.Malware.P!Pk.410295D9

14.1.21

Panda Antivirus

Suspicious file

14.01.25.08

File size:

214.5 KB (219,688 bytes)

Product version:

1, 0, 0, 1

Original file name:

Run.EXE

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\gigabyte\coc\close.exe

Digital Signature

Signed by:

Giga-Byte Technology

Authority:

VeriSign, Inc.

Valid from:

10/2/2007 2:00:00 AM

Valid to:

10/19/2010 1:59:59 AM

Subject:

CN=Giga-Byte Technology, OU=Testing Department, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Giga-Byte Technology, L=Taipei Hsien, S=Taiwan, C=TW

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

720EF3AAA1A44F7D0717A805C290C378

File PE Metadata

Compilation timestamp:

6/28/2010 9:26:37 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

3072:D62EH1DhvbErxLp3/rm1rtWHnEW4kUzF7Ic+DkbaQao6u/Palkiq84bb3co:+22hvbEH3EBWHnEW4ksSoD/CqFT

Entry address:

0x9869

Entry point:

55, 8B, EC, 6A, FF, 68, 28, 36, 42, 00, 68, 5C, CD, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, B0, 11, 42, 00, 33, D2, 8A, D4, 89, 15, A8, E1, 42, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, A4, E1, 42, 00, C1, E1, 08, 03, CA, 89, 0D, A0, E1, 42, 00, C1, E8, 10, A3, 9C, E1, 42, 00, 6A, 01, E8, 51, 34, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 03, 29, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75... 
[+]

Entropy:

6.1457

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

128 KB (131,072 bytes)

The file close.exe has been discovered within the following program.

Cloud OC by GIGABYTE

Publisher's description - “Cloud OC is an entirely new application that allows you to overclock your system via LAN, wireless LAN or Bluetooth with any Internet browser capable device. Cloud OC's many functions are categorized into three tabs: Tuner, System Info and Control.”

www.GIGABYTE.com

12% remove it

Scan close.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.