home

DEP2012AutoReg.exe

Dewan Eja Pro 2012

The Name Technology Sdn. Bhd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘DEP2012AutoReg’.
Publisher:
The Name Technology Sdn. Bhd.  (signed and verified)

Product:
Dewan Eja Pro 2012

Description:
Dewan Eja Pro 2012 Auto Registration

Version:
2.0.1.5

MD5:
6c63ac8aaad479e063d690a4a3d2e077

SHA-1:
1d15763acbdfbe1ce9df09bc0ee67659730a6716

SHA-256:
d7051288b3e18463050eec1e638813030f6b9ff670d8bdb76268b26f55a47b1d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 1:54:46 AM UTC  (today)

File size:
1.2 MB (1,240,544 bytes)

Product version:
2.0.1.5

Copyright:
2011-2012 (c) The Name Technology Sdn. Bhd. All rights reserved.

Original file name:
DEP2012AutoReg.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\the name technology\dewan eja pro 2012\dep2012autoreg.exe

Digital Signature
Signed by:
The Name Technology Sdn. Bhd.

Authority:
Thawte, Inc.

Valid from:
12/22/2012 8:00:00 AM

Valid to:
1/30/2015 7:59:59 AM

Subject:
CN=The Name Technology Sdn. Bhd., OU=Secure Application Development, O=The Name Technology Sdn. Bhd., L=Cyberjaya, S=Selangor, C=MY

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
496C6C3089165334F547641F125701E7

File PE Metadata
Compilation timestamp:
6/6/2013 6:48:40 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:mysb7j9cRARqw+fKIS8QmBcbbDZ1D5XyWEUaBO:HgORfwDI7Qb3lR

Entry address:
0x28B000

Entry point:
83, EC, 04, 50, 53, E8, 01, 00, 00, 00, CC, 58, 89, C3, 40, 2D, 00, 10, 0F, 00, 2D, 9E, 0A, 6B, 00, 05, 93, 0A, 6B, 00, 80, 3B, CC, 75, 19, C6, 03, 00, BB, 00, 10, 00, 00, 68, D3, 53, BA, 54, 68, 00, 41, D1, 54, 53, 50, E8, 0A, 00, 00, 00, 83, C0, 00, 89, 44, 24, 08, 5B, 58, C3, 55, 89, E5, 50, 53, 51, 56, 8B, 75, 08, 8B, 4D, 0C, C1, E9, 02, 8B, 45, 10, 8B, 5D, 14, 85, C9, 74, 0A, 31, 06, 01, 1E, 83, C6, 04, 49, EB, F2, 5E, 59, 5B, 58, C9, C2, 10, 00, DD, 3E, A2, 60, FB, 20, 55, BE, FB, 29, 13, 54, 40, 35...
 
[+]

Entropy:
7.8719  (probably packed)

Code size:
316 KB (323,584 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
DEP2012AutoReg

Command:
"C:\Program Files\the name technology\dewan eja pro 2012\dep2012autoreg.exe"


Scan DEP2012AutoReg.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.