home

KerishDoctor.exe

Kerish Doctor

OOO AMA

Publisher:
Kerish Products  (signed by OOO AMA)

Product:
Kerish Doctor

Version:
4.55

MD5:
382c36b94cced7df64fa63990da3e459

SHA-1:
906366c2c966f508822a03ed3db17101016f1c02

SHA-256:
da29fb6b806423d9de019a0d06fbe8212fcda2cd6f5b2bf8d18a70640ced045f

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/26/2024 10:24:06 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Detection.Undefined
10.7.0.302.0

File size:
2.6 MB (2,725,352 bytes)

Product version:
4.55

Copyright:
Kerish Products 2005-2014. All Rights reserved.

Trademarks:
Kerish Products 2005-2014. All Rights reserved.

Original file name:
KerishDoctor.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\ProgramData\kerish products\kerish doctor\binary\kerishdoctor.exe

Digital Signature
Signed by:
OOO AMA

Authority:
Thawte, Inc.

Valid from:
8/5/2013 3:00:00 AM

Valid to:
9/5/2014 2:59:59 AM

Subject:
CN=OOO AMA, OU=IT, O=OOO AMA, L=Voronegh, S="Voroneghskaya oblast ", C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
1F3C11346254E097A2EA8B7C9A505E85

File PE Metadata
Compilation timestamp:
1/7/2014 10:40:40 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:b+qvLnkZsMSJAZ4ruPg0xTyPGb0hIWGl8/cikZQktQDO8X7WXwVniIqkUPt:b+qvTeSmWExTyPc0KWo8/cikQDhWQnb6

Entry address:
0x77B3D

Entry point:
55, 8B, EC, 83, C4, F0, B8, 00, 10, 40, 00, E8, 01, 00, 00, 00, 9A, 83, C4, 10, 8B, E5, 5D, E9, 5B, F0, 8D, 00, 72, 43, 02, ED, 67, F7, 19, 3D, 66, B1, 3F, 08, A8, 3C, AB, 11, 21, A4, A0, FD, CE, EC, 78, 0C, 6B, BE, F4, 49, 3E, 1C, F1, A5, F2, B7, 99, E8, E1, 89, 74, 0E, E4, 32, EC, 1E, 5A, 36, 08, D1, 20, 80, C3, 40, 60, C9, 2D, 49, D5, A2, 53, 6B, 31, 9D, 35, 0D, 9A, 87, AA, 91, 58, 3C, 25, 64, DE, 39, 33, 7C, 18, 13, FE, 1F, FD, A3, 58, D2, FA, B8, B4, 62, 07, BD, 88, 3C, 26, 72, A6, D6, 00, 6A, FA, 70...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
4.6 MB (4,866,048 bytes)

Scan KerishDoctor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.