home

CryptoARM_Reminder.exe

КриптоАРМ Модуль напоминаний

Cifrovie Tehnologii LLC

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘CryptoARM_Reminder.exe’.
Publisher:
ООО "Цифровые технологии"  (signed by Cifrovie Tehnologii LLC)

Product:
КриптоАРМ Модуль напоминаний

Version:
4, 7, 0, 8020

MD5:
211101659e8612de5a759db37c5cecd3

SHA-1:
89f1327bb083aab9540b1b72aa3e00000f3596c9

SHA-256:
0f088bea5a9bfae306f248f9f8573a3213d96f53d6f768cf5327443a271052ee

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 2:02:22 AM UTC  (today)

File size:
4.9 MB (5,137,504 bytes)

Product version:
4, 7, 0, 8020

Copyright:
ООО "Цифровые технологии" © 2004-2010 Все права защищены.

Original file name:
CryptoARM_Reminder.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
Cifrovie Tehnologii LLC

Authority:
Thawte, Inc.

Valid from:
6/15/2011 3:00:00 AM

Valid to:
6/15/2013 2:59:59 AM

Subject:
CN=Cifrovie Tehnologii LLC, O=Cifrovie Tehnologii LLC, L=Joshkar-Ola, S=Marij Jel republic, C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
71E15E1BFAB4002711578B8C44E1426D

File PE Metadata
Compilation timestamp:
7/4/2012 2:56:01 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:stEI5u3w14i6f/UCDZl9AjCVzYSKdbVRVtX/cKu6GaX824IBAUZLYkMtU:qd14ikDZA+WBAUZL6

Entry address:
0x13A624

Entry point:
E8, 0F, 06, 00, 00, E9, 37, FD, FF, FF, FF, 25, 34, 28, 57, 00, FF, 25, 38, 28, 57, 00, FF, 25, 40, 28, 57, 00, 57, 56, 55, 33, FF, 33, ED, 8B, 44, 24, 14, 0B, C0, 7D, 15, 47, 45, 8B, 54, 24, 10, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 14, 89, 54, 24, 10, 8B, 44, 24, 1C, 0B, C0, 7D, 14, 47, 8B, 54, 24, 18, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 1C, 89, 54, 24, 18, 0B, C0, 75, 28, 8B, 4C, 24, 18, 8B, 44, 24, 14, 33, D2, F7, F1, 8B, D8, 8B, 44, 24, 10, F7, F1, 8B, F0, 8B, C3, F7, 64, 24, 18, 8B, C8, 8B, C6...
 
[+]

Code size:
1.4 MB (1,509,888 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
CryptoARM_Reminder.exe

Command:
C:\Program Files\digt\trusted\desktop\cryptoarm_reminder.exe


Scan CryptoARM_Reminder.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.