» fortivoiceconsolecommunicationmanagertray.exe
Overview
Analysis
File Details
Behaviors (1)

fortivoiceconsolecommunicationmanagertray.exe

Fortinet Technologies (Canada) Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘FortiVoice Console Tray’.

File name:

Publisher:

Fortinet (signed by Fortinet Technologies (Canada) Inc.)

Description:

FortiVoice Console Communications Manager Tray

Version:

7.31.001

MD5:

fbb669e06d431cbb21c916c5a0d54ab7

SHA-1:

8bd0ae28c84fc110f0b7da50f3ebd8b8f7ca1e1b

SHA-256:

f9bd886c122917de0cd5eddb1aaebe3c5fb0422d8f2c844a08414f94a9707cda

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 1:44:42 PM UTC (today)

File size:

302.4 KB (309,704 bytes)

Product version:

7.31.001

Trademarks:

(TM) Fortinet 2013

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\fortinet\fortivoice console 7.31\communication manager\fortivoiceconsolecommunicationmanagertray.exe

Digital Signature

Signed by:

Fortinet Technologies (Canada) Inc.

Authority:

VeriSign, Inc.

Valid from:

6/20/2012 5:00:00 PM

Valid to:

6/21/2014 4:59:59 PM

Subject:

CN=Fortinet Technologies (Canada) Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Fortinet Technologies (Canada) Inc., L=Ottawa, S=Ontario, C=CA

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

12B415829667AA6431DB60300316C4B1

File PE Metadata

Compilation timestamp:

6/20/2013 9:21:41 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

3072:gmv1jnpcMpPkVHA9Lv6IXcPDUnVxyb1c2VCcSgKXFqqSO7NEZmTV0nXf2/K5FrZX:H1nJFUAAgMb62MVQqSO7QmTV0PPr1

Entry address:

0x213AE

Entry point:

E8, A3, 03, 00, 00, E9, 35, FD, FF, FF, 68, 0F, 14, 42, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, 20, A0, 43, 00, 31, 45, FC, 33, C5, 89, 45, E4, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, E4, 33, CD, E8, 9C, FA, FF, FF, E9, BE, 01, 00, 00, FF, 74, 24, 10, FF, 74, 24, 10, FF, 74, 24, 10, FF, 74, 24, 10, 68, A6, 0E, 42, 00, 68, 20, A0, 43, 00, E8, BC, 03, 00, 00... 
[+]

Entropy:

6.1235

Code size:

160 KB (163,840 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

FortiVoice Console Tray

Command:

"C:\Program Files\fortinet\fortivoice console 7.31\communication manager\fortivoiceconsolecommunicationmanagertray.exe"

Scan fortivoiceconsolecommunicationmanagertray.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.