home

DeploymentPro.exe

DeploymentPro

BitTitan, Inc.

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Guardian’.
Publisher:
BitTitan, Inc.  (signed and verified)

Product:
DeploymentPro

Version:
1.0.40917.65535

MD5:
e581449297e2a5a409cf047e3e6eb571

SHA-1:
5c81f122ef3ce05a08be5f0c77b0802b3ab7de2d

SHA-256:
d3856bb4fd6d2b1685b95689c9d427d37e32b2e51fbd4c4e5c3dfb06b560a704

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
7/3/2025 7:39:13 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
W32/Ramnit.C
7.11.30.172

File size:
4.4 MB (4,623,288 bytes)

Product version:
1.0.40917.65535

Copyright:
(c) BitTitan, Inc. All rights reserved.

Original file name:
DeploymentPro.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\20150305t222827z\x64v3\deploymentpro.exe

Digital Signature
Signed by:
BitTitan, Inc.

Authority:
GoDaddy.com, Inc.

Valid from:
4/5/2013 2:23:30 PM

Valid to:
4/5/2015 3:23:30 PM

Subject:
CN="BitTitan, Inc.", O="BitTitan, Inc.", L=Kirkland, S=WA, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
27CD99D3DC0C4D

File PE Metadata
Compilation timestamp:
2/12/2015 4:15:39 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
98304:4aOTDEfL6clgkqFLOAkGkzdnEVomFHKnPo:4ZiplPqFLOyomFHKnPo

Entry address:
0x1ACDD0

Entry point:
48, 83, EC, 28, E8, 83, A4, 00, 00, 48, 83, C4, 28, E9, 36, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 3B, 0D, 89, BF, 0E, 00, 75, 11, 48, C1, C1, 10, 66, F7, C1, FF, FF, 75, 02, F3, C3, 48, C1, C9, 10, E9, 79, 3A, 00, 00, CC, 48, 83, EC, 28, 48, 8B, C2, 48, 8D, 51, 11, 48, 8D, 48, 11, E8, 8C, AC, 00, 00, 85, C0, 0F, 94, C0, 48, 83, C4, 28, C3, CC, CC, 48, 89, 5C, 24, 08, 57, 48, 83, EC, 20, 48, 8D, 05, 3F, A1, 08...
 
[+]

Entropy:
6.7060

Code size:
1.9 MB (1,961,984 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Guardian

Command:
"C:\users\{user}\appdata\local\temp\{random}.tmp\20150305t222827z\x64v3\deploymentpro.exe"


Scan DeploymentPro.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.