» Launcher.exe
Overview
Analysis
File Details
Behaviors (1)

Launcher.exe

Performance Center Launcher

Ascentive LLC

The application Launcher.exe, “Ascentive Performance Center Launcher Application” by Ascentive has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Performance Center’.

File name:

Launcher.exe

Publisher:

Ascentive LLC (signed and verified)

Product:

Performance Center Launcher

Description:

Ascentive Performance Center Launcher Application

Version:

1.0.1.0

MD5:

a1a97afa6d73cc791b7766afe1b64158

SHA-1:

13e49a0c9c9073e248e817321485b57b366060da

SHA-256:

ad602c866c239a04616ac37ed713b4daab2b771324a224753fb12c1b6d32e98a

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

4/19/2024 12:04:22 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Win32.Generic

16.2.8.23

File size:

484.7 KB (496,328 bytes)

Product version:

1.0.1.0

Original file name:

Launcher.exe

File type:

Executable application (Win32 EXE)

Language:

Portugiesisch

Common path:

C:\Program Files\ascentive\performance center\launcher.exe

Digital Signature

Signed by:

Ascentive LLC

Authority:

The USERTRUST Network

Valid from:

11/17/2010 1:00:00 AM

Valid to:

11/17/2013 12:59:59 AM

Subject:

CN=Ascentive LLC, O=Ascentive LLC, STREET=201 Spring Garden St, STREET=Suite 400, L=Philadelphia, S=PA, PostalCode=19123, C=US

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

0B15142D30AF75A1350E58373FD8BF13

File PE Metadata

Compilation timestamp:

4/2/2013 1:24:11 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

6144:Mz7gtR3YjX4LuTUNFd4E4yvJnqcbMDTw+oxeCTmAhTmAZZPxC2YrNo3s3Cm:MHo/SE4yvFqcoDU+oeA0AdCt4sC

Entry address:

0x295F5

Entry point:

E8, 48, 6F, 00, 00, E9, 17, FE, FF, FF, 3B, 0D, A0, 77, 45, 00, 75, 02, F3, C3, E9, C8, 6F, 00, 00, 55, 8B, EC, 83, EC, 20, 56, 33, F6, 39, 75, 0C, 75, 1D, E8, 81, 16, 00, 00, 56, 56, 56, 56, 56, C7, 00, 16, 00, 00, 00, E8, 93, 7C, 00, 00, 83, C4, 14, 83, C8, FF, EB, 27, FF, 75, 14, 8D, 45, E0, FF, 75, 10, C7, 45, E4, FF, FF, FF, 7F, FF, 75, 0C, C7, 45, EC, 42, 00, 00, 00, 50, 89, 75, E8, 89, 75, E0, FF, 55, 08, 83, C4, 10, 5E, C9, C3, FF, 74, 24, 08, 6A, 00, FF, 74, 24, 0C, 68, AE, 08, 43, 00, E8, 97, FF... 
[+]

Code size:

272 KB (278,528 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

Performance Center

Command:

C:\Program Files\ascentive\performance center\launcher.exe -m

Remove Launcher.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.