home

ESP.EXE

Email Sentinel Pro

Digital Software Development SRL

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Run2.5’.
Publisher:
DS Development  (signed by Digital Software Development SRL)

Product:
Email Sentinel Pro

Version:
2.7.8.0

MD5:
bb89be6f7c869daef3c25cc85c315a97

SHA-1:
762dcad2804c79ccf1498111d3c9cd78e36b2a4d

SHA-256:
cb4e5c25cec96a763c1181790739a8b73f82899a80582400dad6657f0650b003

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/1/2024 1:06:06 PM UTC  (today)

File size:
2.6 MB (2,762,304 bytes)

Product version:
2.7.8.0

Copyright:
(c) DS Development. All rights reserved.

Original file name:
ESP.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\ds development\email sentinel pro\esp.exe

Digital Signature
Signed by:
Digital Software Development SRL

Authority:
VeriSign, Inc.

Valid from:
11/22/2006 4:00:00 AM

Valid to:
11/24/2007 3:59:59 AM

Subject:
CN=Digital Software Development SRL, OU=DS Development, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Digital Software Development SRL, L=Bucharest, S=Bucharest, C=RO

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0F58B56FE1C5AAB9B695A6627D0D715D

File PE Metadata
Compilation timestamp:
3/31/2007 3:08:22 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:eohYkEjoGIzYazc4ZTrIOJk1Loxe5af5dAOdsRyGZKLCz4wwMzBEsVFE:ezkgH4ZTvJ6gBduRyNCnBEs

Entry address:
0x7269E4

Entry point:
E8, 3B, FF, FF, FF, 05, 46, 8E, 00, 00, FF, E0, E8, 2F, FF, FF, FF, 05, EA, 83, 00, 00, FF, E0, E8, 04, 00, 00, 00, FF, FF, FF, FF, 5E, C3, 00, 78, 37, 42, F5, 68, 0C, 37, 5F, FE, 6F, A4, 76, 9F, F1, 60, 4B, 5E, DC, 22, FA, B7, 3E, 47, 6A, DA, 4F, 36, 71, CD, BD, 6B, 37, 1B, 27, 60, 0E, 50, B2, E5, 09, F7, 13, 75, 78, A6, CF, 54, 83, 63, E5, 74, 9C, D2, 88, D8, 67, B1, 8F, BC, CD, 85, 1F, 3C, 18, B0, 32, CA, E9, BC, 62, 39, E6, BB, 3A, E9, CE, 9E, 2F, 79, 42, 53, 6F, 0D, 34, 6C, E7, 08, 88, 71, 5C, 7D, 53...
 
[+]

Entropy:
7.9843  (probably packed)

Code size:
1.8 MB (1,843,200 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Run2.5

Command:
"C:\Program Files\ds development\email sentinel pro\esp.exe"


Scan ESP.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.