home

con32-dg9_9_9.exe

Internet

It runs as a separate (within the context of its own process) windows Service named “DeleGate Server -P33333”.
Publisher:
Internet  (signed and verified)

MD5:
a6968b5e410dca3d543b8b1260fbb7a9

SHA-1:
5f081515368f57afb7ffaa5ca5f9daffcd9f5094

SHA-256:
53cf1679498ecd548d9b26c1fc3dfb4400f853ff3da6be88dad1a2e915e2f7c9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 1:06:40 PM UTC  (today)

File size:
3.3 MB (3,477,504 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\otp\tor\app\con32-dg9_9_9.exe

Digital Signature
Signed by:
Internet

Authority:
The DeleGate Project

Valid from:
3/26/2010 11:23:36 PM

Valid to:
6/25/2010 12:23:36 AM

Subject:
E=anonymous@id.delegate.org, CN=Anonymous User, OU=DeleGate Users, O=Internet

Issuer:
E=author@delegate.org, CN=Yutaka Sato, OU=The Author of DeleGate, O=The DeleGate Project, L=Tsukuba, S=Ibaraki, C=JP

Serial number:
18

File PE Metadata
Compilation timestamp:
6/15/2014 8:56:13 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
24576:/R2S+AeiJ3UjXKqO/dElOe3yIl7MdTGM0cMFpWj5TgmFNKcWo1ATi2IfVe2gO6KA:/4HW+rFEZPOVO6S6b42BV6Ly4PL9uPF

Entry address:
0x294805

Entry point:
E8, C5, C2, 00, 00, E9, 40, FE, FF, FF, FF, 74, 24, 08, FF, 74, 24, 08, FF, 15, C0, 31, 6B, 00, 85, C0, 75, 08, FF, 15, 10, 32, 6B, 00, EB, 02, 33, C0, 85, C0, 74, 0B, 50, E8, 85, EA, FF, FF, 59, 83, C8, FF, C3, 33, C0, C3, 8B, 44, 24, 04, 85, C0, 56, 8B, F1, C6, 46, 0C, 00, 75, 63, E8, 74, 91, 00, 00, 89, 46, 08, 8B, 48, 6C, 89, 0E, 8B, 48, 68, 89, 4E, 04, 8B, 0E, 3B, 0D, C8, F6, 74, 00, 74, 12, 8B, 0D, E4, F5, 74, 00, 85, 48, 70, 75, 07, E8, 37, CC, 00, 00, 89, 06, 8B, 46, 04, 3B, 05, E8, F4, 74, 00, 74...
 
[+]

Code size:
2.7 MB (2,826,240 bytes)

Service
Display name:
DeleGate Server -P33333

Service name:
DeleGate-P33333

Description:
DeleGate/9.9.9 (June 14, 2014) SERVER=tcprelay://reemwelgbkyowjuo.onion:6667 _execPath=C:\Program Files\OTP\Tor\App\con32-dg9_9_9.exe

Type:
Win32OwnProcess


Scan con32-dg9_9_9.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.