home

noactivex-95121085.exe

Kaseya Remote Control Relay Client

Kaseya International Limited

Publisher:
Kaseya International Limited

Product:
Kaseya Remote Control Relay Client

Description:
Kaseya Remote Control Relay Client - Listener

Version:
9, 2, 0, 0

MD5:
3608bb648aefb693187dc2ff40c9f22f

SHA-1:
cea90d6fbf6d513b403ccc4e9603340c36e7096c

SHA-256:
36f14031462b0e8436469315859b97c47e35efabb7ce481322f80a6be4104687

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/21/2024 5:32:39 AM UTC  (today)

File size:
1.6 MB (1,627,090 bytes)

Product version:
9, 2, 0, 0

Copyright:
Copyright © 2001-2015 Kaseya International Limited. All Rights Reserved.

Trademarks:
http://www.kaseya.com/jp/trademark-guidelines.aspx

Original file name:
KRlyCLis.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\noactivex-95121085.exe

File PE Metadata
Compilation timestamp:
11/1/2015 11:12:15 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
24576:3aZiOK8CjEmbT2ooZgR17jWaDW8s2G0xH7LNdXYkP3ICg8DrpgjRwo17e6sP:3a3K8iGoHW8007LvIi/0LsP

Entry address:
0x30B6F

Entry point:
E8, D7, 05, 00, 00, E9, 4E, FE, FF, FF, 55, 8B, EC, 83, 61, 04, 00, 83, 61, 08, 00, 8B, 45, 08, 89, 41, 04, 8B, C1, C7, 01, F0, 08, 49, 00, 5D, C2, 04, 00, 55, 8B, EC, 51, 56, FF, 75, 08, 8B, F1, 89, 75, FC, E8, 60, 00, 00, 00, C7, 06, F0, 08, 49, 00, 8B, C6, 5E, 8B, E5, 5D, C2, 04, 00, 83, 61, 04, 00, 8B, C1, 83, 61, 08, 00, C7, 41, 04, F8, 08, 49, 00, C7, 01, F0, 08, 49, 00, C3, 55, 8B, EC, 51, 56, FF, 75, 08, 8B, F1, 89, 75, FC, E8, 27, 00, 00, 00, C7, 06, 0C, 09, 49, 00, 8B, C6, 5E, 8B, E5, 5D, C2, 04...
 
[+]

Entropy:
6.7016

Code size:
540 KB (552,960 bytes)

The file noactivex-95121085.exe has been seen being distributed by the following URL.

https://managedit.connectionsit.com/install/.../noActiveX-95121085.exe

Scan noactivex-95121085.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.