home

CSDUpdateAgent.EXE

CSDUpdateAgent Application

Dream To Reality Co., Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘CSDUpdateAgent’.
Publisher:
Dream To Reality Co., Ltd.  (signed and verified)

Product:
CSDUpdateAgent Application

Version:
1, 0, 2007, 1115

MD5:
564f334932f2cfc55abf4a37b5cf8285

SHA-1:
9d7dff1643e32784face766fb594202ac4d08140

SHA-256:
7d4c6ed81aa9c0362bc9a3524d5ca17e1528a435130fc444de1cf1c9acabb80c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 7:24:23 PM UTC  (today)

File size:
61.5 KB (62,928 bytes)

Product version:
1, 0, 2007, 1115

Copyright:
Copyright (C) 2007 Dream To Reality Co., Ltd.

Original file name:
CSDUpdateAgent.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Windows\System32\csdupdateagent.exe

Digital Signature
Signed by:
Dream To Reality Co., Ltd.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
4/2/2007 10:49:28 AM

Valid to:
4/28/2009 5:04:25 PM

Subject:
CN="Dream To Reality Co., Ltd.", OU=CSD Team, O="Dream To Reality Co., Ltd.", L=Gangnamgu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
34BF8BE49B807C279456B7E98AEA7FF2

File PE Metadata
Compilation timestamp:
11/15/2007 2:22:15 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:XirM2GdyyBdXR2rMUlMxAAmjq8sd6Tn4D:XirM2d61R2rrlIAbjqITnW

Entry address:
0x7F0E

Entry point:
55, 8B, EC, 6A, FF, 68, 18, 9D, 40, 00, 68, 52, 81, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, 5F, 57, FF, 15, 6C, 93, 40, 00, 59, 83, 0D, 08, B5, 40, 00, FF, 83, 0D, 0C, B5, 40, 00, FF, FF, 15, 70, 93, 40, 00, 8B, 0D, FC, B4, 40, 00, 89, 08, FF, 15, 74, 93, 40, 00, 8B, 0D, F8, B4, 40, 00, 89, 08, A1, 78, 93, 40, 00, 8B, 00, A3, 04, B5, 40, 00, E8, D2, 01, 00, 00, 39, 1D, 10, B4, 40, 00, 75, 0C, 68, 4E, 81, 40, 00, FF, 15...
 
[+]

Entropy:
5.8278

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
32 KB (32,768 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
CSDUpdateAgent

Command:
C:\Windows\System32\csdupdateagent.exe \a


Scan CSDUpdateAgent.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.