home

elgiganten.exe

Elgiganten Cloud

Jotta AS

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Jotta’.
Publisher:
Elgiganten AB  (signed by Jotta AS)

Product:
Elgiganten Cloud

Version:
3.0.19.199

MD5:
2ec37d0c9d61826c98c8b43abdb72019

SHA-1:
5099c003b119ae0d1ecd4069d5c7fa7fbd9b6433

SHA-256:
a99023bf6c0786b3f52608c3594ec89d8d6aab08acbd9626a98ce1a36ea3dd5f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 8:11:01 PM UTC  (today)

File size:
6.6 MB (6,931,424 bytes)

Copyright:
Copyright Elgiganten AB

Original file name:
elgiganten.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\elgiganten cloud\elgiganten.exe

Digital Signature
Signed by:
Jotta AS

Authority:
Thawte, Inc.

Valid from:
8/31/2013 2:00:00 AM

Valid to:
9/1/2015 1:59:59 AM

Subject:
CN=Jotta AS, O=Jotta AS, L=Oslo, S=Oslo, C=NO

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
630451A6CB72127AE737BCFE415E85F3

File PE Metadata
Compilation timestamp:
5/26/2014 2:31:21 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:PCr6VlEV9OHo8jpF5Nd1eypassfCBaOMKfx8QaF:Pm6VlEVgHo8jf1hsfATZxWF

Entry address:
0x1EDE4C

Entry point:
48, 83, EC, 28, E8, CF, 03, 00, 00, 48, 83, C4, 28, E9, 1E, FD, FF, FF, CC, CC, 48, 89, 4C, 24, 08, 48, 81, EC, 88, 00, 00, 00, 48, 8D, 0D, 0D, DF, 47, 00, FF, 15, B7, F1, 06, 00, 48, 8B, 05, F8, DF, 47, 00, 48, 89, 44, 24, 58, 45, 33, C0, 48, 8D, 54, 24, 60, 48, 8B, 4C, 24, 58, E8, 59, 04, 00, 00, 48, 89, 44, 24, 50, 48, 83, 7C, 24, 50, 00, 74, 41, 48, C7, 44, 24, 38, 00, 00, 00, 00, 48, 8D, 44, 24, 48, 48, 89, 44, 24, 30, 48, 8D, 44, 24, 40, 48, 89, 44, 24, 28, 48, 8D, 05, B8, DE, 47, 00, 48, 89, 44, 24...
 
[+]

Entropy:
7.1394

Code size:
2.4 MB (2,471,936 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Jotta

Command:
"C:\Program Files\elgiganten cloud\elgiganten.exe"


Scan elgiganten.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.