» DEP2010NetDetect.exe
Overview
Analysis
File Details
Behaviors (1)

DEP2010NetDetect.exe

Dewan Eja Pro 2010

The Name Technology Sdn. Bhd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Dewan Eja Pro 2010 NetDetect’.

File name:

Publisher:

The Name Technology Sdn. Bhd. (signed and verified)

Product:

Dewan Eja Pro 2010

Description:

Dewan Eja Pro 2010 Net Detect

Version:

2.0.1.3

MD5:

06308c2f896f2c534fac565df9595ae8

SHA-1:

c6d420e2a9aee7131ca60aa414a8e9781cf1a3d0

SHA-256:

8d4463298aff9636d9577c66cea583ff328a563691ce235cb1ac24abdb98eeb8

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/19/2024 4:13:23 PM UTC (today)

File size:

1 MB (1,096,704 bytes)

Product version:

2.0.1.3

Original file name:

DEP2010NetDetect.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\the name technology\dewan eja pro 2010\dep2010netdetect.exe

Digital Signature

Signed by:

The Name Technology Sdn. Bhd.

Authority:

Thawte, Inc.

Valid from:

1/30/2011 8:00:00 AM

Valid to:

1/30/2013 7:59:59 AM

Subject:

CN=The Name Technology Sdn. Bhd., OU=Secure Application Development, O=The Name Technology Sdn. Bhd., L=Cyberjaya, S=Selangor, C=MY

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

275B5223B46BD00091E7CB139C898EFB

File PE Metadata

Compilation timestamp:

7/21/2011 3:54:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

24576:TtWyjOU5ayB1C4Tn9G8EugX8ns/qsgHwqsEa4apLKlfh:pWyjOuT1C4TnUnnX8nhGEX4+Bh

Entry address:

0x246000

Entry point:

83, EC, 04, 50, 53, E8, 01, 00, 00, 00, CC, 58, 89, C3, 40, 2D, 00, 60, 0D, 00, 2D, 9E, 0A, 6B, 00, 05, 93, 0A, 6B, 00, 80, 3B, CC, 75, 19, C6, 03, 00, BB, 00, 10, 00, 00, 68, 4E, 26, 4A, 2C, 68, C5, 0C, E1, 0A, 53, 50, E8, 0A, 00, 00, 00, 83, C0, 00, 89, 44, 24, 08, 5B, 58, C3, 55, 89, E5, 50, 53, 51, 56, 8B, 75, 08, 8B, 4D, 0C, C1, E9, 02, 8B, 45, 10, 8B, 5D, 14, 85, C9, 74, 0A, 31, 06, 01, 1E, 83, C6, 04, 49, EB, F2, 5E, 59, 5B, 58, C9, C2, 10, 00, A2, 60, B2, 06, A1, B0, 25, 84, BF, 2D, 00, 9B, 04, 6B... 
[+]

Entropy:

7.8904 (probably packed)

Code size:

284 KB (290,816 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

Dewan Eja Pro 2010 NetDetect

Command:

"C:\Program Files\the name technology\dewan eja pro 2010\dep2010netdetect.exe"

Scan DEP2010NetDetect.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.