home

dopus.exe

Directory Opus

G P Software

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘DOpus’.
Publisher:
GP Software  (signed by G P Software)

Product:
Directory Opus

Description:
Directory Opus 8

Version:
2, 0, 625, 1

MD5:
aa26759da9defe7e07f367b996b40d37

SHA-1:
b7e027049fb5e7dc4b6cab3893a01ed1e7e3ed92

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
5/3/2024 2:30:19 AM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
W32.Parite.mAco
2.1.4+

File size:
5 MB (5,277,624 bytes)

Product version:
8, 2, 2, 5

Copyright:
Copyright © 1999-2006 GP Software

Trademarks:
Directory Opus, Opus, DOpus, DirOpus, OpusPC, PCOpus are trademarks of GP Software

Original file name:
dopus.exe

File type:
Executable application (Win32 EXE)

Language:
English

Common path:
C:\Program Files\gpsoftware\directory opus\dopus.exe

Digital Signature
Signed by:
G P Software

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
3/27/2006 7:00:00 PM

Valid to:
9/26/2007 7:59:59 PM

Subject:
CN=G P Software, OU=SECURE APPLICATION DEVELOPMENT, O=G P Software, L=Brisbane, S=Queensland, C=AU

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
106CCC04066CD87BA17BF177AC4C2767

File PE Metadata
Compilation timestamp:
10/25/2006 12:37:33 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:fcvPBLs8clFzvioG2pWg+FvT8lk6iy3bSl3B:EvP2nPLiiqSSdB

Entry address:
0x32464F

Entry point:
E8, 20, 92, 00, 00, E9, 16, FE, FF, FF, E8, 2F, 41, 00, 00, FF, 74, 24, 04, E8, 86, 3F, 00, 00, FF, 35, B4, B1, 7D, 00, E8, 08, 48, 00, 00, 68, FF, 00, 00, 00, FF, D0, 83, C4, 0C, C3, 68, 24, E8, 7A, 00, FF, 15, C8, F4, 75, 00, 85, C0, 74, 16, 68, 14, E8, 7A, 00, 50, FF, 15, C0, F4, 75, 00, 85, C0, 74, 06, FF, 74, 24, 04, FF, D0, C3, FF, 74, 24, 04, E8, D1, FF, FF, FF, 59, FF, 74, 24, 04, FF, 15, 04, F5, 75, 00, CC, 6A, 08, E8, A4, 33, 00, 00, 59, C3, 6A, 08, E8, C3, 32, 00, 00, 59, C3, 56, 8B, F0, EB, 0B...
 
[+]

Code size:
3.4 MB (3,530,752 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
DOpus

Command:
C:\Program Files\gpsoftware\directory opus\dopus.exe


Scan dopus.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.