home

Connect.exe

Connect

YTL Communications Sdn. Bhd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘LaunchYTLCM’.
Publisher:
YTL Communications  (signed by YTL Communications Sdn. Bhd.)

Product:
Connect

Description:
Connect Application

Version:
1.9.27.0

MD5:
04573d583fe1092c8c57c9c9752c962a

SHA-1:
5bab6603ee83c2c3b095f37803f131b75c219291

SHA-256:
aeb73f87334c04313c7c6a3029e90530f68b41f41f26dd773d6cc7ad95d7cb03

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 4:29:22 AM UTC  (today)

File size:
5.2 MB (5,501,992 bytes)

Product version:
1.9.27.0

Copyright:
(c) YTL Communications. All rights reserved.

Original file name:
Connect.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\yes\connect\connect.exe

Digital Signature
Signed by:
YTL Communications Sdn. Bhd.

Authority:
DigiCert Inc

Valid from:
6/28/2013 8:00:00 AM

Valid to:
9/2/2015 8:00:00 PM

Subject:
CN=YTL Communications Sdn. Bhd., O=YTL Communications Sdn. Bhd., L=Kuala Lumpur, S=Kuala Lumpur, C=MY

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0B41BABC765C9F5AEF91D546E4972369

File PE Metadata
Compilation timestamp:
7/13/2015 12:25:52 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:Ttr1xQ69virjPuCikU5qnoQ0D/ReUZV6RdfVIfu:Ttr1xQuirTuvALyfu

Entry address:
0x2AD9F

Entry point:
E8, ED, 06, 00, 00, E9, 49, FE, FF, FF, 3B, 0D, 0C, 50, 44, 00, 75, 02, F3, C3, E9, 99, 01, 00, 00, 55, 8B, EC, F6, 45, 08, 02, 56, 8B, F1, 74, 25, 57, 68, A0, B5, 42, 00, 8D, 7E, FC, FF, 37, 6A, 0C, 56, E8, 57, 03, 00, 00, F6, 45, 08, 01, 74, 07, 57, E8, 1B, F9, FF, FF, 59, 8B, C7, 5F, EB, 14, E8, B2, 07, 00, 00, F6, 45, 08, 01, 74, 07, 56, E8, 04, F9, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, FF, 25, B4, F3, 42, 00, FF, 25, 70, F3, 42, 00, FF, 25, 6C, F3, 42, 00, 83, 3D, A0, 8F, 45, 00, 00, 74, 03, 33, C0...
 
[+]

Entropy:
6.9190

Code size:
182 KB (186,368 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
LaunchYTLCM

Command:
C:\Program Files\yes\connect\connect.exe


Scan Connect.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.