media remote.exe

Main

Suyin Optronics Corp.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Media remote’.

Publisher:
Suyin Optronics Corp.  (signed and verified)

Product:
Main

Description:
Main Microsoft

Version:
1.0.0.25

MD5:
2c5796ee1454e46e9db750482003e6dc

SHA-1:
793f9976071820881bc0e6725d535ee0cc8acb20

SHA-256:
890503407c376b8576a35decef3c56f8ea23d56849af2acceaf58bbc6340dadb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 9:59:03 PM UTC

File size:
1.5 MB (1,535,000 bytes)

Product version:
1.0.0.25

Copyright:
2007

Original file name:
Main.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\media remote\media remote.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
2/18/2011 8:00:00 AM

Valid to:
2/17/2014 7:59:59 AM

Subject:
CN=Suyin Optronics Corp., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Suyin Optronics Corp., S=Taipei County, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5BCA4EF2B803B5EF89E012F2F330141E

File PE Metadata
Compilation timestamp:
5/18/2011 3:11:48 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:nTJSFV9K4qyMn1ey6lZHaYaMLMWhGmuLH3QWND9scHDpeCgHFp8dxU+OHKKnFXkC:VSj9K4qyMnv6bHaYaMYYGjHtscHDpHSt

Entry address:
0x1038A3

Entry point:
E8, 56, A8, 00, 00, E9, 89, FE, FF, FF, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, B0, FB, 56, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, B0, FB, 56, 00, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B...
Entropy:
6.4411

Code size:
1.1 MB (1,203,712 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Media remote

Command:
"C:\Program Files\media remote\media remote.exe"