home

KerishDoctor.exe

Kerish Doctor

OOO AMA

It runs as a scheduled task under the Windows Task Scheduler.
Publisher:
Kerish Products  (signed by OOO AMA)

Product:
Kerish Doctor

Version:
4.60

MD5:
13972011dfc814899a60fbaff3e380c1

SHA-1:
974a149ec3541ac77e6b57414e73ab05361b94a5

SHA-256:
3d569c68dfb7ea29b1b2ec62476e8fdef737fb63a4640d780ff22c2609ae9977

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 9:33:24 PM UTC  (today)

File size:
2.7 MB (2,844,136 bytes)

Product version:
4.60

Copyright:
Kerish Products 2005-2014. All Rights reserved.

Trademarks:
Kerish Products 2005-2014. All Rights reserved.

Original file name:
KerishDoctor.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\kerish doctor\kerishdoctor.exe

Digital Signature
Signed by:
OOO AMA

Authority:
Thawte, Inc.

Valid from:
8/5/2013 4:00:00 AM

Valid to:
9/5/2014 3:59:59 AM

Subject:
CN=OOO AMA, OU=IT, O=OOO AMA, L=Voronegh, S="Voroneghskaya oblast ", C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
1F3C11346254E097A2EA8B7C9A505E85

File PE Metadata
Compilation timestamp:
8/12/2014 5:34:11 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:+39LB7ctStCAMpw6oyI8oYPdxUTyPsUCSnnc17DHnuJLzWbQHnH:Wj7YG/t8oYPPUTyPsUbnxLSUHH

Entry address:
0x132CE1

Entry point:
55, 8B, EC, 83, C4, F0, B8, 00, 10, 40, 00, E8, 01, 00, 00, 00, 9A, 83, C4, 10, 8B, E5, 5D, E9, 9B, B5, 96, 00, C1, EC, 32, CC, 94, 4C, FF, 36, 45, AA, 69, 10, 65, A9, CB, 43, 2A, FD, 29, 06, 82, 27, 4C, D9, AC, 8A, C4, 2B, 84, B7, 7D, 31, F1, AE, 8B, A2, C0, DF, 5F, 95, 08, 2C, 49, 66, CC, BA, C3, 56, FC, 12, 57, A8, B4, 83, 77, 15, 56, 3E, A5, E3, 32, 30, 0E, 87, BC, 20, 02, 95, 91, 08, BD, 4A, A2, 27, 32, CF, EA, 32, AC, B2, 9B, B7, E4, 2D, CE, E7, 25, 94, 3A, 37, CC, 10, B9, E2, 99, D8, 7C, F5, 8F, C0...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
6.3 MB (6,561,792 bytes)

Scheduled Task
Task name:
{0C7D777F-F263-4DEB-8D3B-5371A2C026A3}

Trigger:
Registration (Runs on registration)


Scan KerishDoctor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.