desktopdockapp.exe

Desktop Dock

The application desktopdockapp.exe by Desktop Dock has been detected as a potentially unwanted program by 3 anti-malware scanners. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘DesktopDock’. While running, it connects to the Internet address server-52-84-239-186.sfo5.r.cloudfront.net on port 443.
Publisher:
Desktop Dock  (signed and verified)

Version:
1.0.2.8

MD5:
91a146659cf5ebe8df12fe54f025d7dc

SHA-1:
cc1ddd8e0766f1299216141df639cb042a24b038

SHA-256:
c717c81c37760b45f25db3b451ebba4a899093bb2d30aa5c75309581cd54ddfa

Scanner detections:
3 / 68

Status:
Potentially unwanted

Analysis date:
5/1/2024 12:39:34 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Avira AntiVirus | ADWARE/Adware.Gen7 | 7.11.211.72 |
| ESET NOD32 | Win32/Verti.K potentially unwanted (variant) | 9.11198 |
| Reason Heuristics | PUP.Startup.DesktopDock | 15.2.21.15 |

File size:
1.4 MB (1,519,128 bytes)

Product version:
1.0.2.8

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\desktop dock\desktopdockapp.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
5/8/2014 8:00:00 PM

Valid to:
5/8/2016 7:59:59 PM

Subject:
CN=Desktop Dock, O=Desktop Dock, STREET=44 Primrose Crescent, L=SUNDERLAND, S=Tyne and Wear, PostalCode=SR6 9RJ, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
72D187E754B89EF452FF82C8A9DE9B

File PE Metadata
Compilation timestamp:
2/17/2015 4:38:22 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:kvwY59NEo+CBPKiRmaXpfkMqGL1YwWZu8xcwpZHt8nQvcVarX4yhOLWdzjTDzjPL:7YfNjXyCfTjsh2IrIyhOLWnBo8Tt

Entry address:
0x4B903

Entry point:
E8, C0, C7, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A1, E0, 81, 53, 00, 33, C5, 89, 45, FC, 83, 7D, 08, FF, 57, 74, 09, FF, 75, 08, E8, 99, A2, 00, 00, 59, 83, A5, E0, FC, FF, FF, 00, 6A, 4C, 8D, 85, E4, FC, FF, FF, 6A, 00, 50, E8, A9, C3, FF, FF, 8D, 85, E0, FC, FF, FF, 89, 85, D8, FC, FF, FF, 8D, 85, 30, FD, FF, FF, 83, C4, 0C, 89, 85, DC, FC, FF, FF, 89, 85, E0, FD, FF, FF, 89, 8D, DC, FD, FF, FF, 89, 95, D8, FD, FF, FF, 89, 9D, D4, FD, FF, FF, 89, B5, D0, FD, FF, FF, 89, BD, CC...
 

Code size:
940.5 KB (963,072 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
DesktopDock

Command:
"C:\Program Files\desktop dock\desktopdockapp.exe"


The executing file has been seen to make the following network communications in live environments.

