home

CmdUtil.exe

CmdUtil

White Sky, Inc.

Publisher:
White Sky, Inc.  (signed and verified)

Product:
CmdUtil

Version:
1.0.0.0

MD5:
802506b53166c2f2c08f3cb1adbf74c3

SHA-1:
914822b08bca2b76b0429e7c62e4bbd0b2144521

SHA-256:
dda8703e68f72da2e179727853f2a067c5999ce4598774889816ad83a495b6c7

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/25/2024 11:37:40 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Dr.Web
Trojan.StartPage.41083
9.0.1.0357

File size:
71.3 KB (73,008 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2013

Original file name:
CmdUtil.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\cmdutil.exe

Digital Signature
Signed by:
White Sky, Inc.

Authority:
VeriSign, Inc.

Valid from:
11/29/2012 7:00:00 PM

Valid to:
12/30/2014 6:59:59 PM

Subject:
CN="White Sky, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="White Sky, Inc.", L=Mountain View, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
46E5F0BD483CD603005DBFB4EB33C02C

File PE Metadata
Compilation timestamp:
2/13/2014 10:35:10 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

Entry address:
0x89AC

Entry point:
FF, 25, 9C, 89, 40, 00, 00, 00, 5F, 43, 6F, 72, 45, 78, 65, 4D, 61, 69, 6E, 00, 6D, 73, 63, 6F, 72, 65, 65, 2E, 64, 6C, 6C, 00, 48, 00, 00, 00, 02, 00, 05, 00, 14, 8A, 00, 00, 30, AF, 00, 00, 03, 00, 00, 00, 8D, 01, 00, 06, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 42, 53, 4A, 42, 01, 00, 01, 00, 00, 00, 00, 00, 0C, 00, 00, 00, 76, 34, 2E, 30, 2E, 33, 30, 33...
 
[+]

Entropy:
5.9716

Code size:
62.5 KB (64,000 bytes)

Scan CmdUtil.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.