home

media remote.exe

Main

Suyin Optronics Corp.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Media remote’.
Publisher:
Suyin Optronics Corp.  (signed and verified)

Product:
Main

Description:
Main Microsoft

Version:
1.0.0.23

MD5:
25c9a4359f05c6d4e801d737e9182df5

SHA-1:
db5f3419666c48c7a35d3284e30c25e613a3141d

SHA-256:
12a852e0cb1c3c58abf8361ec759da6952c57a369524dd751dc657ee0cea8834

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 11:47:13 PM UTC  (a few moments ago)

File size:
40.5 KB (41,496 bytes)

Product version:
1.0.0.23

Copyright:
2007

Original file name:
Main.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\media remote\media remote.exe

Digital Signature
Signed by:
Suyin Optronics Corp.

Authority:
VeriSign, Inc.

Valid from:
2/18/2011 8:00:00 AM

Valid to:
2/17/2014 7:59:59 AM

Subject:
CN=Suyin Optronics Corp., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Suyin Optronics Corp., S=Taipei County, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5BCA4EF2B803B5EF89E012F2F330141E

File PE Metadata
Compilation timestamp:
3/11/2011 11:50:51 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
768:1sQhsq1uJ9Uk7FEXOcoOhE+CYgffffwoL3tT:DTkv3OuYRoZT

Entry address:
0x399A

Entry point:
E8, 94, 04, 00, 00, E9, 63, FD, FF, FF, 6A, 14, 68, D8, 62, 40, 00, E8, D0, 01, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81, 38, 63, 73, 6D, E0, 74, 0B, C7, 45, DC, 00, 00, 00, 00, 8B, 45, DC, C3, E8, DE, 04, 00, 00, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, C6, 01, 00, 00, C2, 10, 00, 6A, 0C, 68, F8, 62, 40, 00, E8, 72, 01, 00, 00, 83, 65, E4, 00, 8B, 75, 0C, 8B, C6, 0F, AF, 45...
 
[+]

Entropy:
5.9251

Code size:
13 KB (13,312 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Media remote

Command:
"C:\Program Files\media remote\media remote.exe"


Scan media remote.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.