home

ico.exe

MouseSuite 98

PRIMAX ELECTRONICS LTD.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Mouse Suite 98 Daemon’.
Publisher:
PRIMAX ELECTRONICS LTD.  (signed and verified)

Product:
MouseSuite 98

Description:
Mouse Suite 98 Daemon

Version:
1, 0, 1, 3

MD5:
49cd8636a4e2a939681d5453d8f50e61

SHA-1:
53fc9f13a562ec983371b742c3db692048919862

SHA-256:
e457744e599a0a7226af59aa74c07bbe02005be2f61e1c2b1c94989d322d31de

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 1:35:20 PM UTC  (today)

File size:
95.8 KB (98,112 bytes)

Product version:
1.0.0.0

Copyright:
Copyright (c) 1997, Primax Electronics Ltd.

Trademarks:
Primax Electronics Ltd.

File type:
Executable application (Win64 EXE)

Common path:
C:\Windows\System32\ico.exe

Digital Signature
Signed by:
PRIMAX ELECTRONICS LTD.

Authority:
VeriSign, Inc.

Valid from:
6/16/2006 9:00:00 AM

Valid to:
6/30/2007 8:59:59 AM

Subject:
CN=PRIMAX ELECTRONICS LTD., OU=Information Appliance Device Divison, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=PRIMAX ELECTRONICS LTD., L=Taipei, S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
06AC182DEFC80A4C7D3F6D4C46FA9C92

File PE Metadata
Compilation timestamp:
2/11/2007 11:46:31 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
1536:ZoKkdaazqS46i6yjGKO5BhjDtdRwKPXIePCfZOqY06EJSQCL45F18URAd:exdaa+S46i6yCK8thdRwKPXx6fZOqY06

Entry address:
0x5BA0

Entry point:
48, 83, EC, 28, E8, A7, 32, 00, 00, 48, 83, C4, 28, E9, FE, FC, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 48, 83, EC, 48, 48, 89, 5C, 24, 50, 48, 89, 6C, 24, 58, 40, 32, ED, 48, 85, D2, 48, 89, 7C, 24, 68, 48, 8B, D9, 40, 88, 6C, 24, 38, 4C, 89, 64, 24, 40, 75, 74, 48, 89, 74, 24, 60, E8, 1E, 2F, 00, 00, 4C, 8B, A0, C0, 00, 00, 00, 48, 8B, B0, B8, 00, 00, 00, 48, 8B, F8, 4C, 3B, 25, D6, 05, 01, 00, 74, 16, 8B, 90, C8, 00, 00, 00, 85, 15, 50, 04, 01, 00, 75, 08, E8, 41, 41, 00, 00, 4C...
 
[+]

Entropy:
6.1724

Code size:
62.5 KB (64,000 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Mouse Suite 98 Daemon

Command:
ico.exe


Scan ico.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.