home

cloudbox.exe

雲端資料櫃

中華電信股份有限公司

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘CloudBox’.
Publisher:
中華電信  (signed by 中華電信股份有限公司)

Product:
雲端資料櫃

Version:
1.0.24.5297

MD5:
263458edf278c1d95c32fd8f90ec06ee

SHA-1:
9694dc8666219042079b23650bb49a5bf6745555

SHA-256:
7191549c368d96e71b370db76747ae02a1c6266805ada94b9dad1d74661dd373

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/13/2024 9:15:58 PM UTC  (today)

File size:
9.7 MB (10,138,760 bytes)

Product version:
1.0

Copyright:
中華電信

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\cloudbox\cloudbox.exe

Digital Signature
Signed by:
中華電信股份有限公司

Authority:
Chunghwa Telecom Co., Ltd.

Valid from:
8/19/2015 9:33:21 AM

Valid to:
8/19/2020 9:33:21 AM

Subject:
SERIALNUMBER=0002101020015929, CN=數據通信分公司匯流系統處, OU=數據通信分公司匯流系統處, O=中華電信股份有限公司, C=TW

Issuer:
OU=Public Certification Authority, O="Chunghwa Telecom Co., Ltd.", C=TW

Serial number:
64B0CF9AF9720A377336BD9C3F55B35B

File PE Metadata
Compilation timestamp:
10/29/2015 2:54:35 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
196608:AHq3C4CzI1wCN0hytrth7dPE31+kZ1pwmQrz2q:AHq3C4CzI1DN0hytZh7d831+kZCrz2q

Entry address:
0x28C0

Entry point:
EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, AC, C0, 91, 00, A1, 9F, C0, 91, 00, C1, E0, 02, A3, A3, C0, 91, 00, 52, 6A, 00, E8, FD, 7C, 51, 00, 8B, D0, E8, 16, 45, 50, 00, 5A, E8, 38, 44, 50, 00, E8, 67, 46, 50, 00, 6A, 00, E8, A8, 68, 50, 00, 59, 68, 48, C0, 91, 00, 6A, 00, E8, D7, 7C, 51, 00, A3, A7, C0, 91, 00, 6A, 00, E9, 8B, 19, 51, 00, E9, DA, 68, 50, 00, 33, C0, A0, 91, C0, 91, 00, C3, A1, A7, C0, 91, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9, F8, 00, 00, 00, 0B, C9...
 
[+]

Entropy:
6.2651

Code size:
5.1 MB (5,353,472 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
CloudBox

Command:
"C:\users\{user}\appdata\roaming\cloudbox\cloudbox.exe"


Scan cloudbox.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.