home

ostt1_certd.exe

certreg Application

MINH THONG CARD SOLUTIONS CO LTD

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘CKCA Token_CKCA’.
Publisher:
CKCA OrigSign  (signed by MINH THONG CARD SOLUTIONS CO LTD)

Product:
certreg Application

Description:
certreg MFC Application

Version:
1, 0, 13, 1029

MD5:
03c39031da376f7198e5cb3dcc024720

SHA-1:
05a92811f5a0e5ec05398b1f2fb5e86f24435602

SHA-256:
369bd0478529f08e68c5f7f734718f10fcce58cf93d1ad29b676457a0c72df36

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 6:29:35 PM UTC  (today)

File size:
152.1 KB (155,704 bytes)

Product version:
1, 0, 13, 1029

Copyright:
Copyright (C) 2013 CKCA

Original file name:
certreg.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\ckca origsign\ckca token\ostt1\ostt1_certd.exe

Digital Signature
Signed by:
MINH THONG CARD SOLUTIONS CO LTD

Authority:
Thawte, Inc.

Valid from:
7/15/2013 7:00:00 AM

Valid to:
7/16/2014 6:59:59 AM

Subject:
CN=MINH THONG CARD SOLUTIONS CO LTD, OU=IT Department, O=MINH THONG CARD SOLUTIONS CO LTD, L=Ho Chi Minh, S=Ho Chi Minh, C=VN

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
7DECEFF77C9750C576FBEF8CEFC6D96F

File PE Metadata
Compilation timestamp:
10/29/2013 8:04:31 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:ULRgZa5BNC1C5rsbg275jffdBe/Y2lQie3YqfshihOhtH:ULKZuBNC1+rsbg27xAY2pe3NS

Entry address:
0x15248

Entry point:
55, 8B, EC, 6A, FF, 68, C0, 91, 41, 00, 68, EA, 54, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, 5F, 57, FF, 15, B4, 84, 41, 00, 59, 83, 0D, A8, 19, 42, 00, FF, 83, 0D, AC, 19, 42, 00, FF, FF, 15, B8, 84, 41, 00, 8B, 0D, 9C, 19, 42, 00, 89, 08, FF, 15, BC, 84, 41, 00, 8B, 0D, 98, 19, 42, 00, 89, 08, A1, C0, 84, 41, 00, 8B, 00, A3, A4, 19, 42, 00, E8, 30, 02, 00, 00, 39, 1D, 70, 0F, 42, 00, 75, 0C, 68, E6, 54, 41, 00, FF, 15...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
89 KB (91,136 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
CKCA Token_CKCA

Command:
C:\Program Files\ckca origsign\ckca token\ostt1\ostt1_certd.exe


Scan ostt1_certd.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.