home

GotoCam.exe

GotoCamera

pechora

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘GotoCameraClient’.
Publisher:
pechora  (signed and verified)

Product:
GotoCamera

Version:
1, 0, 0, 1

MD5:
c314ba898c50a9ea14615d099170a22c

SHA-1:
46cde2e604ea45e8909a5178209ff9cb8f21b093

SHA-256:
c7d380a30f44713f38a5df85ee9dc69fdab855cc919daff58dbcdb407366b178

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 9:40:54 PM UTC  (today)

File size:
3.2 MB (3,346,944 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright 2010

Original file name:
GotoCam.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\gotocamera\gotocam.exe

Digital Signature
Signed by:
pechora

Authority:
Peanuts Org

Valid from:
4/1/2010 5:23:05 AM

Valid to:
3/29/2020 5:23:05 AM

Subject:
CN=homecamera, OU=homecamera, O=pechora, L=singapore, S=singapore, C=SG

Issuer:
E=admin@peanuts.org, CN=Peanuts, OU=R&D, O=Peanuts Org, L=Singapore, S=Singapore, C=SG

Serial number:
0096CBB270A730EE0B

File PE Metadata
Compilation timestamp:
12/14/2011 2:47:54 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:v2PLRDDQ8KcOc+xbeFilXYo2qR4ucy6emLKAHbTvj5t:v2+fxbeFilxD/cTLb7zj5

Entry address:
0xE66CB

Entry point:
E8, EA, 11, 01, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, 7D, 0C, 00, 74, 0B, 6A, 2D, 5A, 66, 89, 11, 83, C1, 02, F7, D8, 56, 8B, F1, 33, D2, F7, 75, 08, 83, FA, 09, 76, 05, 83, C2, 57, EB, 03, 83, C2, 30, 66, 89, 11, 83, C1, 02, 85, C0, 75, E4, 66, 89, 01, 83, E9, 02, 0F, B7, 01, 66, 8B, 16, 66, 89, 11, 66, 89, 06, 83, E9, 02, 83, C6, 02, 3B, F1, 72, EA, 5E, 5D, C2, 08, 00, 8B, FF, 55, 8B, EC, 83, 7D, 10, 0A, 8B, 45, 08, 75, 0A, 85, C0, 79, 06, 6A, 01, 6A, 0A, EB, 05, 6A, 00, FF, 75, 10, 8B, 4D, 0C...
 
[+]

Entropy:
5.6676

Code size:
1.1 MB (1,161,216 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
GotoCameraClient

Command:
C:\Program Files\gotocamera\gotocam.exe


Scan GotoCam.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.