home

cyberclient.exe

CyberPlanet

FIDEL HORACIO DALI

The executable cyberclient.exe has been detected as malware by 1 anti-virus scanner. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Client’.
Publisher:
Proyecto Redes  (signed by FIDEL HORACIO DALI)

Product:
CyberPlanet

Version:
5.09.0005

MD5:
c3a9290c5719d3b76230b388d282c264

SHA-1:
f5011ced84f2c165f928cb4585b381a976348c05

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
4/25/2024 4:09:03 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.12.5.14

File size:
590.2 KB (604,392 bytes)

Product version:
5.09.0005

Copyright:
Fidel Dali

Trademarks:
Proyecto Redes

Original file name:
cyberclient.exe

File type:
Executable application (Win32 EXE)

Language:
Spanish

Common path:
C:\Program Files\cyberclient\cyberclient.exe

Digital Signature
Signed by:
FIDEL HORACIO DALI

Authority:
The USERTRUST Network

Valid from:
7/15/2010 8:00:00 PM

Valid to:
7/16/2011 7:59:59 PM

Subject:
CN=FIDEL HORACIO DALI, O=FIDEL HORACIO DALI, STREET=Ciudad De La Paz 1701, L=Ciudad de Buenos Aires, S=Buenos Aires, PostalCode=1426, C=AR

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00E3ECFF8CB34CC62F22F45BA9EBCF5E4A

File PE Metadata
Compilation timestamp:
2/15/2011 5:29:43 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:eqknjteDi//TDHh8sG8WXTbVol6sM6sUwDywsmVW2H3Euu2:bkZeu/vhTG8WXTbVq6sM6sU3vmVWy

Entry address:
0x1E53E0

Entry point:
EB, 08, 8B, C9, F7, C2, 1A, CF, 43, 0B, 89, CE, F7, C2, 90, 4F, F0, 75, 86, DA, 28, E6, 8D, 05, DE, 58, A3, 41, F6, C3, 5E, 89, FB, 69, EF, 97, F9, 8F, 5D, 2B, CB, 81, EF, 4F, 9F, 1A, 0A, 81, F5, 5D, 12, 74, 1D, 8B, D5, 4B, 33, D6, 68, B7, AA, 57, 00, 4D, 86, D7, 8A, DB, 0F, BE, EF, 8D, 2D, DB, 3C, C4, 7B, 68, 48, 4B, AB, 00, 68, 65, 9C, 5C, 00, 0F, B7, DB, 0F, B6, C0, 81, E7, EC, 93, 1D, C5, E8, 73, 00, 00, 00, 3B, FD, 70, 06, BD, 67, B8, 64, B3, F3, 8D, 15, EC, F7, A6, 60, C7, C1, B5, 15, 1E, F7, 42, 0F...
 
[+]

Code size:
484 KB (495,616 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Client

Command:
C:\Program Files\cyberclient\cyberclient.exe


Remove cyberclient.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.