home

KerishDoctor.exe

Kerish Doctor

OOO AMA

It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in.
Publisher:
Kerish Products  (signed by OOO AMA)

Product:
Kerish Doctor

Version:
4.65

MD5:
0851cf48f51b7e7fadba675e2343cfab

SHA-1:
dd4fb95b9c332930a2414f18beb74612cdf2bfa5

SHA-256:
69186abbba80b7e0b1ced1c829c47b0eaeef532994daf28cb7ae99021d156e71

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/3/2024 3:07:17 AM UTC  (today)

File size:
3.9 MB (4,073,120 bytes)

Product version:
4.65

Copyright:
Kerish Products 2005-2017. All rights reserved.

Trademarks:
Kerish Products 2005-2017. All rights reserved.

Original file name:
KerishDoctor.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\kerish products\kerish doctor\update\kerishdoctor.exe

Digital Signature
Signed by:
OOO AMA

Authority:
thawte, Inc.

Valid from:
9/7/2015 2:00:00 AM

Valid to:
10/8/2017 1:59:59 AM

Subject:
CN=OOO AMA, OU=OOO AMA, O=OOO AMA, L=Voronezh, S=Voronezh region, C=RU

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
1D0F76AAF04C714C925B79F338122EE7

File PE Metadata
Compilation timestamp:
2/9/2017 2:40:12 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x3749F

Entry point:
55, 8B, EC, 83, C4, F0, B8, 00, 10, 40, 00, E8, 01, 00, 00, 00, 9A, 83, C4, 10, 8B, E5, 5D, E9, A1, 0D, 07, 01, A7, CE, 69, 58, 89, B7, 05, A7, 56, 93, 10, 76, 1E, 16, 51, F2, 12, 43, EA, 29, 61, C6, D0, 46, DB, A1, 73, 56, 58, B7, 10, 48, 46, F4, 61, 0B, B6, AE, EE, 3C, 03, DE, C7, 91, CE, 98, 2A, F7, 5C, 11, 30, 21, 6C, C6, 30, DC, 2C, B2, 41, 8C, E3, E6, 8C, 69, E9, 4E, 0C, 25, B1, BA, B6, 1B, D1, 73, 3F, 85, 8B, 60, 5C, 71, 92, ED, 34, 10, 20, D2, 9E, 6B, 9A, C7, 4C, 21, BE, DE, 73, B3, 72, 19, 1A, 39...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
7.5 MB (7,839,744 bytes)

Scheduled Task
Task name:
Kerish Doctor

Trigger:
Logon (Runs on logon)

Description:
Kerish Doctor Startup


Scan KerishDoctor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.