home

kmybmsxg.2rl.exe

CSIS Security Group A/S

Publisher:
CSIS Security Group A/S  (signed and verified)

MD5:
6bf5402606f4aefbcc81ac83c5606cc0

SHA-1:
40c880672613d8a510f8b30756e83626b9b3396e

SHA-256:
11e9e2217f8ef46fc1e94d3abf364a85ce3a86e39306ed16819b9dc6166b2b8f

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/27/2024 3:36:44 AM UTC  (today)

Scan engine
Detection
Engine version

Vba32 AntiVirus
suspected of Unknown.Win32Virus
3.12.18.2

File size:
1.1 MB (1,189,032 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\ProgramData\csis\heimdaldata\kmybmsxg.2rl.exe

Digital Signature
Signed by:
CSIS Security Group A/S

Authority:
Thawte, Inc.

Valid from:
4/20/2011 2:00:00 AM

Valid to:
4/20/2013 1:59:59 AM

Subject:
CN=CSIS Security Group A/S, OU=CSIS Operations, O=CSIS Security Group A/S, L=Copenhagen, S=Denmark, C=DK

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
6D62D441966EE037399103B7CD093B93

File PE Metadata
Compilation timestamp:
8/30/2012 2:57:43 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
24576:MdwXk80lx0fNGhwh5xIJRZaloWecMFB15K5l5q5/5T5F5e5D515u5Y5W5d5W505t:3IqLB+TlPDbbbbLb7bNbvqbWIynN2ou4

Entry address:
0x1110

Entry point:
55, 89, E5, 83, EC, 14, 6A, 02, FF, 15, 58, E4, 50, 00, E8, FD, FE, FF, FF, 8D, B6, 00, 00, 00, 00, 8D, BC, 27, 00, 00, 00, 00, 55, 89, E5, 83, EC, 14, 6A, 01, FF, 15, 58, E4, 50, 00, E8, DD, FE, FF, FF, 8D, B6, 00, 00, 00, 00, 8D, BC, 27, 00, 00, 00, 00, 55, 89, E5, 53, 83, EC, 04, 8B, 45, 08, 8B, 00, 8B, 00, 3D, 91, 00, 00, C0, 77, 3B, 3D, 8D, 00, 00, C0, 72, 4B, BB, 01, 00, 00, 00, 50, 50, 6A, 00, 6A, 08, E8, AC, 7C, 01, 00, 83, C4, 10, 83, F8, 01, 0F, 84, D6, 00, 00, 00, 85, C0, 0F, 85, 90, 00, 00, 00...
 
[+]

Packer / compiler:
Dev-C++ v5

Code size:
97.5 KB (99,840 bytes)

Scan kmybmsxg.2rl.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.