home

eMATE ON.exe

eMATE ON

Saerom Information Systems, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘eMATE ON’.
Publisher:
Saerom Information Systems, Inc.  (signed and verified)

Product:
eMATE ON

Version:
2, 5, 53, 2

MD5:
c5f8d4d7655815373b70ec06b70d5ef8

SHA-1:
677f35741e64685de2e48ecf30a301c7b726f2cf

SHA-256:
49fa15046fb2cc3385507a01ba2950923ce3524c1f945ff422c10d69523ee520

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 3:49:14 AM UTC  (today)

File size:
2.4 MB (2,558,200 bytes)

Product version:
2, 5, 53, 2

Copyright:
(C) Saerom Information Systems, Inc.

Original file name:
eMATE ON.exe

File type:
Executable application (Win32 EXE)

Language:
Korean (Korea)

Common path:
C:\Program Files\sisystem\emate on\emate on.exe

Digital Signature
Signed by:
Saerom Information Systems, Inc.

Authority:
Thawte, Inc.

Valid from:
3/24/2012 7:00:00 AM

Valid to:
4/24/2014 6:59:59 AM

Subject:
CN="Saerom Information Systems, Inc.", OU=R&D Center, O="Saerom Information Systems, Inc.", L=Geumcheon-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
7A04E4B7367AED0D5B6718A3A7F22C7E

File PE Metadata
Compilation timestamp:
8/16/2012 11:24:26 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x1BD96A

Entry point:
55, 8B, EC, 6A, FF, 68, F8, 4E, 60, 00, 68, 74, DB, 5B, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 8C, 7F, 5F, 00, 59, 83, 0D, 08, A0, 67, 00, FF, 83, 0D, 0C, A0, 67, 00, FF, FF, 15, 88, 7F, 5F, 00, 8B, 0D, EC, 9A, 67, 00, 89, 08, FF, 15, 84, 7F, 5F, 00, 8B, 0D, E8, 9A, 67, 00, 89, 08, A1, 80, 7F, 5F, 00, 8B, 00, A3, 04, A0, 67, 00, E8, 40, 06, FD, FF, 39, 1D, 60, C4, 66, 00, 75, 0C, 68, 9E, DB, 5B, 00, FF, 15, 7C, 7F...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
2 MB (2,056,192 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
eMATE ON

Command:
C:\Program Files\sisystem\emate on\emate on.exe


Scan eMATE ON.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.