home

mysync.exe

Axentra Corporation

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘MySync’. This is installed with MySync for HipServ.
Publisher:
Axentra Corporation  (signed and verified)

MD5:
a415bfa921c54ad687357307e0d99b38

SHA-1:
6d336aba4a02178ed3fa3599ba85832917a64917

SHA-256:
bf39ecc5d9bb6402cbf6c2bf8a420d4d69229e578df5b74052625a0ff8a957c8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 8:43:32 AM UTC  (today)

File size:
345.9 KB (354,184 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\mysync for hipserv\mysync.exe

Digital Signature
Signed by:
Axentra Corporation

Authority:
VeriSign, Inc.

Valid from:
5/15/2011 7:00:00 PM

Valid to:
6/2/2012 6:59:59 PM

Subject:
CN=Axentra Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Axentra Corporation, L=Ottawa, S=Ontario, C=CA

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6645175ACFAB6519E9E46C8F0D40379E

File PE Metadata
Compilation timestamp:
1/18/2012 6:29:24 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:iPMTokAFJh9GJ4bfNgNhc7JMU2dOHcm6LPj9Fe3jaVqF622y0ZjySaOwWVyh:nc1Jh9GJ6fNgNPeIC

Entry address:
0x1C6FE

Entry point:
E8, C1, 03, 00, 00, E9, 39, FD, FF, FF, FF, 25, D4, 21, 42, 00, CC, CC, 68, 69, C7, 41, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, 1C, 36, 44, 00, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, FF, 74, 24, 10, FF, 74, 24, 10, FF, 74, 24, 10, FF, 74, 24, 10, 68, 10, C3, 41, 00...
 
[+]

Entropy:
6.4931

Code size:
132 KB (135,168 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
MySync

Command:
C:\Program Files\mysync for hipserv\mysync.exe


The file mysync.exe has been discovered within the following program.

MySync for HipServ  by Axentra Corporation
www.axentra.com
About 5% of users remove it
 
Powered by Should I Remove It?

Scan mysync.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.