» fortivoiceconsolecommunicationmanagertray.exe
Overview
Analysis
File Details
Behaviors (1)

fortivoiceconsolecommunicationmanagertray.exe

Fortinet Technologies (Canada) Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘FortiVoice Console Tray’.

File name:

Publisher:

TalkSwitch (signed by Fortinet Technologies (Canada) Inc.)

Description:

FortiVoice Console Communications Manager Tray

Version:

7.20.001

MD5:

c68f16153dcae9376ad8e0d6ebca811d

SHA-1:

7dc409aaa8bc4b5665898eff9987864afc2a1922

SHA-256:

c49cc0e59324e0463e5cd6761b5a96d61356ce849e29603c292a658d120b7190

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 2:36:29 AM UTC (today)

File size:

302 KB (309,264 bytes)

Product version:

7.20.001

Trademarks:

(TM) TalkSwitch 2012

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\fortinet\fortivoice console 7.20\communication manager\fortivoiceconsolecommunicationmanagertray.exe

Digital Signature

Signed by:

Fortinet Technologies (Canada) Inc.

Authority:

VeriSign, Inc.

Valid from:

6/20/2012 8:00:00 PM

Valid to:

6/21/2014 7:59:59 PM

Subject:

CN=Fortinet Technologies (Canada) Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Fortinet Technologies (Canada) Inc., L=Ottawa, S=Ontario, C=CA

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

12B415829667AA6431DB60300316C4B1

File PE Metadata

Compilation timestamp:

7/24/2012 2:05:16 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

3072:8fv1jnpcMpPkhHA9Lv6I/cPDQnVtCbHM21ycSgKXFqqSO7NEZmTV0nXf2/K5Fr:o1nJFgA48wbs2UVQqSO7QmTV0PPr

Entry address:

0x213AE

Entry point:

E8, A3, 03, 00, 00, E9, 35, FD, FF, FF, 68, 0F, 14, 42, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, 20, A0, 43, 00, 31, 45, FC, 33, C5, 89, 45, E4, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, E4, 33, CD, E8, 9C, FA, FF, FF, E9, BE, 01, 00, 00, FF, 74, 24, 10, FF, 74, 24, 10, FF, 74, 24, 10, FF, 74, 24, 10, 68, A6, 0E, 42, 00, 68, 20, A0, 43, 00, E8, BC, 03, 00, 00... 
[+]

Entropy:

6.1203

Code size:

160 KB (163,840 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

FortiVoice Console Tray

Command:

"C:\Program Files\fortinet\fortivoice console 7.20\communication manager\fortivoiceconsolecommunicationmanagertray.exe"

Scan fortivoiceconsolecommunicationmanagertray.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.