home

MOTUDiscovery.exe

MOTUDiscovery

Mark of the Unicorn

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘MOTUDiscovery.exe’.
Publisher:
Mark of the Unicorn  (signed and verified)

Product:
MOTUDiscovery

Version:
1.0.0.0

MD5:
6aac0aacac4c129f22f51912dab9ad48

SHA-1:
51ae325a04888a790864cdab2ba4d1b09e452d20

SHA-256:
a64ee5dd0093a0c191d20fa8804181c0c121817cdf3449d604252f5ad21768af

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/3/2024 4:14:56 PM UTC  (today)

File size:
512.2 KB (524,512 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2016

Original file name:
MOTUDiscovery.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\motu\pro audio\motudiscovery.exe

Digital Signature
Signed by:
Mark of the Unicorn

Authority:
GlobalSign nv-sa

Valid from:
9/29/2016 8:09:23 AM

Valid to:
9/30/2019 8:09:23 AM

Subject:
CN=Mark of the Unicorn, O=Mark of the Unicorn, L=Cambridge, S=Massachusetts, C=US

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G3, O=GlobalSign nv-sa, C=BE

Serial number:
149D9648FCFF0CC5C52580D2

File PE Metadata
Compilation timestamp:
11/28/2016 5:12:28 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:76vhIso0XI5YJKycjf+t5OO+n6BPwbDSwo1IDXiK5wyuUnSQuTrnFNy/3tjPhIsc:76JW0XlJ8dow/cIDXv5wmtuTJ+fUP

Entry address:
0x77ACE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.6783

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
471 KB (482,304 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
MOTUDiscovery.exe

Command:
C:\Program Files\motu\pro audio\motudiscovery.exe


Scan MOTUDiscovery.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.