home

kGetELMg64.exe

Virtual System Administrator

Kaseya Development, LLC

Publisher:
Kaseya  (signed by Kaseya Development, LLC)

Product:
Virtual System Administrator

Description:
VSA Event Log Parser

Version:
6, 5, 0, 0

MD5:
316195d62eac1f842e3882603d31aec7

SHA-1:
1857b2f54ea27ceeb45651dc7531566a5d06a7a8

SHA-256:
ed2885274696e8ab613da689f96a79796070662f9736032aae1e9b6b90805a57

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 4:41:25 AM UTC  (today)

File size:
100 KB (102,408 bytes)

Product version:
6, 5, 0, 0

Copyright:
Copyright © 2007-2014 Kaseya International Limited. All Rights Reserved.

Trademarks:
Kaseya Virtual System Administrator (tm)

Original file name:
kGetELMg64.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\omicronwave\agent\omicrn10207625292344\kgetelmg64.exe

Digital Signature
Signed by:
Kaseya Development, LLC

Authority:
Thawte, Inc.

Valid from:
1/26/2012 6:00:00 PM

Valid to:
4/14/2014 6:59:59 PM

Subject:
CN="Kaseya Development, LLC", O="Kaseya Development, LLC", L=San Jose, S=California, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
53EE5DD07EC47C024EDACE79BB4B816B

File PE Metadata
Compilation timestamp:
2/10/2014 10:27:22 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
1536:TesmXt+RgrYo6/oB48iS6iLXuAl4RE6qvzEIhLuonJyG4K5mT50rqbr:Tesrho6/C48i1iLXjmHqQyLFYN50Wbr

Entry address:
0x2B00

Entry point:
48, 83, EC, 28, E8, 87, 61, 00, 00, 48, 83, C4, 28, E9, 4E, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 48, 89, 5C, 24, 20, 89, 4C, 24, 08, 57, 48, 83, EC, 20, 48, 8B, CA, 48, 8B, DA, E8, 37, 70, 00, 00, 8B, 4B, 18, F6, C1, 82, 48, 63, F8, 75, 1D, E8, 17, 15, 00, 00, C7, 00, 09, 00, 00, 00, 83, 4B, 18, 20, 83, C8, FF, 48, 8B, 5C, 24, 48, 48, 83, C4, 20, 5F, C3, F6, C1, 40, 74, 1D, E8, F5, 14, 00, 00, C7, 00, 22, 00, 00, 00, 83, 4B, 18, 20, 83, C8, FF, 48, 8B, 5C, 24, 48, 48, 83, C4...
 
[+]

Entropy:
6.2177

Code size:
66 KB (67,584 bytes)

Scan kGetELMg64.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.