home

ComproRC.exe

Compro Remote Control

JacTek Multimedia Co.,Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘ComproRC’.
Publisher:
Compro Technology Ltd.  (signed by JacTek Multimedia Co.,Ltd.)

Product:
Compro Remote Control

Version:
1.0.0

MD5:
8e7f76b2598814e5b5f4817e55352cb3

SHA-1:
2a353bd928eaa53d2465807b0348b702e1b2d10e

SHA-256:
a909bfd679edf4cb7f54ab248983d1703c2880875494cac69a44f9bd46bbf7dc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 6:54:51 PM UTC  (today)

File size:
320.6 KB (328,328 bytes)

Product version:
1.0.0

Copyright:
Copyright (C) 2010 Compro Technology Ltd.

Original file name:
ComproRC.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\windows\comprorc.exe

Digital Signature
Signed by:
JacTek Multimedia Co.,Ltd.

Authority:
GlobalSign nv-sa

Valid from:
10/29/2010 4:15:18 AM

Valid to:
10/29/2011 4:15:18 AM

Subject:
CN="JacTek Multimedia Co.,Ltd.", O="JacTek Multimedia Co.,Ltd.", C=TW

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000012BF5A1F51E

File PE Metadata
Compilation timestamp:
11/22/2010 7:37:51 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:2Q+kWJCmlAKidCFIpNNoNktCiVhHO8wtRK/9/aPGjUCBsi:2bAKyCF5MCiVhHO9R8/aPcsi

Entry address:
0x2277D

Entry point:
E8, DE, 85, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, 56, 8B, 44, 24, 14, 0B, C0, 75, 28, 8B, 4C, 24, 10, 8B, 44, 24, 0C, 33, D2, F7, F1, 8B, D8, 8B, 44, 24, 08, F7, F1, 8B, F0, 8B, C3, F7, 64, 24, 10, 8B, C8, 8B, C6, F7, 64, 24, 10, 03, D1, EB, 47, 8B, C8, 8B, 5C, 24, 10, 8B, 54, 24, 0C, 8B, 44, 24, 08, D1, E9, D1, DB, D1, EA, D1, D8, 0B, C9, 75, F4, F7, F3, 8B, F0, F7, 64, 24, 14, 8B, C8, 8B, 44, 24, 10, F7, E6, 03, D1, 72, 0E, 3B, 54, 24, 0C, 77, 08, 72, 0F, 3B, 44, 24, 08, 76, 09...
 
[+]

Entropy:
6.4089

Code size:
208 KB (212,992 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ComproRC

Command:
C:\windows\comprorc.exe


Scan ComproRC.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.