home

csConsole.exe

StormShield Personal Edition

SkyRecon Systems

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘StormShield PE’.
Publisher:
SkyRecon Systems  (signed and verified)

Product:
StormShield Personal Edition

Description:
StormShield Personal Edition Console

Version:
3.1.2.18666

MD5:
e41bb7395d60e3b1bb89b3d7b42af208

SHA-1:
f3750a8b6ec10b822cef7449836062b44f2c22f2

SHA-256:
29e372928b4c79e902a914c78f414e4fd5136287612d1892e39962b7d5a45932

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 8:22:55 PM UTC  (today)

File size:
682.9 KB (699,248 bytes)

Product version:
3.1.2.18666

Copyright:
Copyright © SkyRecon Systems 2010

Original file name:
csConsole.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\skyrecon\stormshield personal edition\console\csconsole.exe

Digital Signature
Signed by:
SkyRecon Systems

Authority:
GlobalSign nv-sa

Valid from:
1/13/2011 6:46:47 AM

Valid to:
1/13/2012 8:03:25 AM

Subject:
CN=SkyRecon Systems, OU=SkyRecon Systems, O=SkyRecon Systems, L=Paris, S=France, C=FR

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000012D80080E3C

File PE Metadata
Compilation timestamp:
3/4/2011 7:36:59 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:6S2mem5DyPJgCjU4gkca91cfD/9NdtdndWdWdwe8GRCvFd:6Qw3BgDrTJkk6Fd

Entry address:
0xA175E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.1381

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
640 KB (655,360 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
StormShield PE

Command:
"C:\Program Files\skyrecon\stormshield personal edition\console\csconsole.exe" \minimized


Scan csConsole.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.