home

initbasetray.exe

Whatlink Software Limited

It runs as a separate (within the context of its own process) windows Service named “Init Base Control 64-bits Tray”.
Publisher:
Whatlink Software Limited  (signed and verified)

MD5:
e414a2a49f9f12bd8738754bd6efc73f

SHA-1:
1f33968ec9977c049a1e8d21463ecebed285b9a6

SHA-256:
ca11a3a0495723c98d417748bad18de4aba4ffc61d35f28cbaadb97f7773e0b1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/16/2024 8:00:50 AM UTC  (today)

File size:
1.1 MB (1,158,896 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\icedeep, inc\myusbonly by icedeep\initbasetray.exe

Digital Signature
Signed by:
Whatlink Software Limited

Authority:
COMODO CA Limited

Valid from:
5/23/2012 3:00:00 AM

Valid to:
5/24/2014 2:59:59 AM

Subject:
CN=Whatlink Software Limited, O=Whatlink Software Limited, STREET="23F, New Trend Centre, 704 Prince Edward Road East, San Po Kong", L=San Po Kong, S=Kowloon, PostalCode=00000, C=HK

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
43259EC376010D27AB2FB3A264BA523A

File PE Metadata
Compilation timestamp:
2/20/2014 7:53:06 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
24576:ZuRWLW3UPqO2W9HgWxgVsW9XCv6uZdODR4+urxR639:ZCEPJVAWxg1gODRbcH0

Entry address:
0xC0428

Entry point:
48, 83, EC, 28, E8, B3, CB, 00, 00, 48, 83, C4, 28, E9, 76, FE, FF, FF, CC, CC, 40, 55, 53, 57, 48, 8B, EC, 48, 83, EC, 40, 83, 65, 30, 00, 83, 65, 38, 00, 83, 65, 20, 00, 48, 8B, FA, 48, 8B, D9, 48, 85, C9, 75, 1B, E8, CD, 1E, 00, 00, BB, 16, 00, 00, 00, 89, 18, E8, 05, 57, 00, 00, 8B, C3, 48, 83, C4, 40, 5F, 5B, 5D, C3, BA, FF, 00, 00, 00, 41, B8, 24, 00, 00, 00, E8, E7, 05, 00, 00, 48, 85, FF, 74, D0, 48, 83, 3F, 00, 7D, 0E, E8, 97, 1E, 00, 00, BB, 16, 00, 00, 00, 89, 18, EB, CD, 48, B8, FF, 6F, 40, 93...
 
[+]

Entropy:
6.6021

Code size:
857 KB (877,568 bytes)

Service
Display name:
Init Base Control 64-bits Tray

Service name:
InitBaseTray

Type:
Win32OwnProcess


Scan initbasetray.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.