home

LogonStart.EXE

LogonStart Application

ASUSTeK Computer Inc.

Publisher:
ASUSTeK Computer Inc.  (signed and verified)

Product:
LogonStart Application

Description:
LogonStart MFC Application

Version:
1, 0, 0, 1

MD5:
a615b25e46a2e6f5479d692f83706830

SHA-1:
8da33b3f06bd917cdd8e26f181ab0c0c0b6a7d0f

SHA-256:
b9f45c781df695b02c7d12bb2ab4f29326cdf775d15aa083ec665a16c36e01a8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 3:35:37 AM UTC  (today)

File size:
44.4 KB (45,424 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2006

Original file name:
LogonStart.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\logonstart.exe

Digital Signature
Signed by:
ASUSTeK Computer Inc.

Authority:
VeriSign, Inc.

Valid from:
6/26/2006 5:00:00 PM

Valid to:
7/16/2007 4:59:59 PM

Subject:
CN=ASUSTeK Computer Inc., OU=Quality Testing Department, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=ASUSTeK Computer Inc., L=Taipei / Peitou, S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
284649F592786C4851C1138E364185AE

File PE Metadata
Compilation timestamp:
11/15/2006 6:42:47 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
384:5XoN9Cp8dapmu9exy8M+1BSSSSFtVkYw4d6jG4ba:589ekGeU+BSSSS/wWmLba

Entry address:
0x2630

Entry point:
55, 8B, EC, 6A, FF, 68, 70, 32, 40, 00, 68, 22, 28, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, 5F, 57, FF, 15, F0, 30, 40, 00, 59, 83, 0D, 00, 42, 40, 00, FF, 83, 0D, 04, 42, 40, 00, FF, FF, 15, F4, 30, 40, 00, 8B, 0D, F4, 41, 40, 00, 89, 08, FF, 15, F8, 30, 40, 00, 8B, 0D, F0, 41, 40, 00, 89, 08, A1, FC, 30, 40, 00, 8B, 00, A3, FC, 41, 40, 00, E8, 80, 01, 00, 00, 39, 1D, C0, 40, 40, 00, 75, 0C, 68, 1E, 28, 40, 00, FF, 15...
 
[+]

Entropy:
4.1439

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
8 KB (8,192 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.