» deskroll.2.1.1.0.exe
Overview
Analysis
File Details
Behaviors (1)
Downloads (1)

deskroll.2.1.1.0.exe

DeskRoll Remote Desktop

Tomsk Inc.

This is a setup program which is used to install the application. This is the uninstaller utility registered in the Windows Control Panel for the program DeskRoll Remote Desktop (remove only) by Tomsk, Inc.. The file has been seen being downloaded from deskroll.com.

File name:

Publisher:

Tomsk, Inc. (signed by Tomsk Inc.)

Product:

DeskRoll Remote Desktop

Version:

2.1.1.0

MD5:

c8f632c211c4ed62cdc311255d1912f5

SHA-1:

a2131bd5641272722655167c0e92b46a8c1dbf12

SHA-256:

2392a7fff3b0b402e7caac122e93c4b2f529409a53791d92d967f6e5d4f6fdba

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/19/2024 5:36:23 PM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

HW32.Packed

1.3.0.6979

File size:

2.4 MB (2,498,592 bytes)

Product version:

2.1.1.0

Original file name:

DeskRoll.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\deskroll remote desktop\deskroll.2.1.1.0.exe

Digital Signature

Signed by:

Tomsk Inc.

Authority:

Thawte, Inc.

Valid from:

4/30/2013 5:30:00 AM

Valid to:

5/28/2015 5:29:00 AM

Subject:

CN=Tomsk Inc., O=Tomsk Inc., L=Cupertino, S=California, C=US

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

3455D53E482B9C5BAF72A85243C3FD71

File PE Metadata

Compilation timestamp:

3/20/2015 12:08:01 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

49152:z0kGt4XLWOWQgn4zCfmbqJ3m6czhD2YPz263bciLx9g8q:z0evWLxfig3lcdD2YS6LciPg8q

Entry address:

0x758540

Entry point:

60, BE, 00, 10, 90, 00, 8D, BE, 00, 00, B0, FF, C7, 87, 80, 20, 62, 00, 44, D5, F8, B0, 57, EB, 11, 90, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46... 
[+]

Entropy:

7.9195 (probably packed)

Code size:

2.3 MB (2,457,600 bytes)

Program Uninstaller

Program name:

DeskRoll Remote Desktop (remove only)

Display publisher:

Tomsk, Inc.

Display version:

2.1.1

Uninstall string:

C:\users\{user}\deskroll remote desktop\deskroll.2.1.1.0.exe --action=uninstall

The file deskroll.2.1.1.0.exe has been seen being distributed by the following URL.

https://deskroll.com/download/.../DeskRoll.exe

Scan deskroll.2.1.1.0.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.