home

coolmsgr.exe

CoolMessenger 2008

Jiransoft Co., Ltd.

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘CoolMessenger 2008’.
Publisher:
Jiransoft Co., Ltd.  (signed and verified)

Product:
CoolMessenger 2008

Version:
5, 60, 8, 23

MD5:
35b29fb9649a33f7b4cecbd7e47b7466

SHA-1:
33dc0fc613d0900d288d23fa63c8a0e471b704ea

SHA-256:
e143f99a246f3bb2373abc382a78e663878c8618c794dcd34f418bbafb3769ef

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 2:01:40 PM UTC  (today)

File size:
1.2 MB (1,291,824 bytes)

Product version:
5, 60, 8, 23

Copyright:
Copyright (C) 2006-2009 Jiransoft Co., Ltd. All rights reserved.

Trademarks:
CoolMessenger 2008

Original file name:
CoolMessenger.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\jiransoft\coolmessenger 2008\coolmsgr.exe

Digital Signature
Signed by:
Jiransoft Co., Ltd.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
4/21/2008 9:23:05 PM

Valid to:
4/21/2010 9:23:05 PM

Subject:
CN="Jiransoft Co., Ltd.", OU=Management strategy team, O="Jiransoft Co., Ltd.", L=Gangnam-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
76E8D8AD80974D06C6ECFD96AC94E7FB

File PE Metadata
Compilation timestamp:
9/16/2008 12:43:47 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:e5edyoCr2eK2M5GAUl2JltDdSgGa2yyoNFUj:emyoCr2z2wdi2DFdSgGr0HC

Entry address:
0xB7106

Entry point:
55, 8B, EC, 6A, FF, 68, A0, 28, 4D, 00, 68, 60, 75, 4B, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, 5F, 57, FF, 15, 1C, 8C, 4C, 00, 59, 83, 0D, 3C, 27, 4F, 00, FF, 83, 0D, 40, 27, 4F, 00, FF, FF, 15, 20, 8C, 4C, 00, 8B, 0D, 1C, 27, 4F, 00, 89, 08, FF, 15, 24, 8C, 4C, 00, 8B, 0D, 18, 27, 4F, 00, 89, 08, A1, 28, 8C, 4C, 00, 8B, 00, A3, 38, 27, 4F, 00, E8, F0, 04, 00, 00, 39, 1D, 00, 15, 4F, 00, 75, 0C, 68, 64, 76, 4B, 00, FF, 15...
 
[+]

Entropy:
5.8465

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
796 KB (815,104 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
CoolMessenger 2008

Command:
"C:\Program Files\jiransoft\coolmessenger 2008\coolmsgr.exe"


Scan coolmsgr.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.