home

maxsdtray.exe

Max Secure Software India Pvt. Ltd.

The application maxsdtray.exe, “Max Secure Software Active Monitor Tray” by Max Secure Software India Pvt has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘SDActiveMonitor’.
Publisher:
Max Secure Software  (signed by Max Secure Software India Pvt. Ltd.)

Product:
Max Secure Software

Description:
Max Secure Software Active Monitor Tray

Version:
2, 0, 1, 0

MD5:
a98831affdc9e05ebbfefff7173784ad

SHA-1:
0f28e47f31295f9cc8516e4e9eb5708ea2f61e58

SHA-256:
61d02e656965bc1a877678046b98318084f153ac394ceb466f54f8b67b1557da

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 5:01:01 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.MaxSecure.Optional.Meta (L)
15.12.4.2

File size:
2 MB (2,050,752 bytes)

Product version:
19, 0, 2, 1

Copyright:
(c) Max Secure Software 2011. All rights reserved.

Original file name:
SDActiveMonitor.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\max secure anti virus\maxsdtray.exe

Digital Signature
Signed by:
Max Secure Software India Pvt. Ltd.

Authority:
GlobalSign nv-sa

Valid from:
6/29/2010 12:23:42 PM

Valid to:
6/22/2012 10:27:42 PM

Subject:
E=tech@maxpcsecure.com, CN=Max Secure Software India Pvt. Ltd., O=Max Secure Software India Pvt. Ltd., L=pune, S=MH, C=IN

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000012985618846

File PE Metadata
Compilation timestamp:
6/29/2011 5:22:26 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:v/z00nlrXAGDvL0LkTziz7YE3/DKneGFS:v/z00nBaLkkH3/IeGFS

Entry address:
0x6A784

Entry point:
48, 83, EC, 28, E8, 43, 5A, 00, 00, 48, 83, C4, 28, E9, 16, FE, FF, FF, CC, CC, 48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 30, 49, 8B, D9, 49, 8B, F0, 48, 8B, FA, 4D, 85, C9, 75, 04, 33, C0, EB, 66, 48, 85, C9, 75, 25, E8, 69, 39, 00, 00, BB, 16, 00, 00, 00, 48, 83, 64, 24, 20, 00, 45, 33, C9, 45, 33, C0, 33, D2, 33, C9, 89, 18, E8, 99, 35, 00, 00, 8B, C3, EB, 3C, 4D, 85, C0, 74, 12, 48, 3B, D3, 72, 0D, 4C, 8B, C3, 48, 8B, D6, E8, 18, 24, 00, 00, EB, BB, 4C, 8B, C2, 33, D2, E8, 2C, 0C, 00, 00...
 
[+]

Entropy:
6.0720

Code size:
1.2 MB (1,235,456 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
SDActiveMonitor

Command:
C:\Program Files\max secure anti virus\maxsdtray.exe -auto


Remove maxsdtray.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.