home

ExpandITClientManager.exe

ExpandIT Client Manager

ExpandIT Development Aps

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘ExpandIT Client Manager - Desktop Client’.
Publisher:
ExpandIT Development Aps  (signed and verified)

Product:
ExpandIT Client Manager

Version:
4.9.0.16

MD5:
a9e3c07119a8b4b0de522e81d955d9af

SHA-1:
a59e35d233c8ab75ae77181b48b6179d0ac2de60

SHA-256:
91ce9ca49a93f77ec0b2532b2676b43f26ea3a0dfb52ec1be59bf26ba25b7154

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/20/2024 3:01:52 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Crypt.XPACK.Gen2
7.11.30.172

File size:
452.2 KB (463,008 bytes)

Product version:
4.9.0.16

Copyright:
Copyright © ExpandIT Development 2011

Original file name:
ExpandITClientManager.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\expandit\client manager - desktop client\expanditclientmanager.exe

Digital Signature
Signed by:
ExpandIT Development Aps

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
10/1/2009 8:00:00 AM

Valid to:
10/31/2011 7:59:59 AM

Subject:
CN=ExpandIT Development Aps, OU=SECURE APPLICATION DEVELOPMENT, O=ExpandIT Development Aps, L=Hoersholm, S=Copenhagen, C=DK

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
7BAF3981486453F2EF61D45247934389

File PE Metadata
Compilation timestamp:
9/2/2011 4:47:00 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:77Ur9rQwusq2cuoEs7nRVVxUdVbrQwusq2cuZ:778iwuFYCRlKgwuFYZ

Entry address:
0x58B86

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 80, 05, 00, 0C, 00...
 
[+]

Entropy:
6.0224

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
347 KB (355,328 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ExpandIT Client Manager - Desktop Client

Command:
"C:\Program Files\expandit\client manager - desktop client\expanditclientmanager.exe"


Scan ExpandITClientManager.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.