home

P95Tray.exe

Pointsec

PointSec Mobile Technologies AB

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Pointsec Tray’.
Publisher:
PointSec Mobile Technologies AB  (signed and verified)

Product:
Pointsec

Description:
Pointsec, Tray program

Version:
6.1.3 Build 1122

MD5:
edbcb89fbeccd604d61c63a002660cba

SHA-1:
758e6b2aac661b64319e0f5e60f01311e0cb34d6

SHA-256:
823a6dc5af13e33b2b5b17b674dc17a12347dcf37c767f60de72e34b87d6b260

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 5:31:07 PM UTC  (today)

File size:
919.4 KB (941,424 bytes)

Product version:
Version 6.1.3

Copyright:
Copyright © 1996-2006, Pointsec Mobile Technologies AB

Original file name:
P95Tray.exe

File type:
Executable application (Win32 EXE)

Language:
Swedish (Sweden)

Common path:
C:\Program Files\pointsec\pointsec for pc\p95tray.exe

Digital Signature
Signed by:
PointSec Mobile Technologies AB

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
4/29/2005 9:22:44 AM

Valid to:
4/29/2007 9:22:44 AM

Subject:
CN=PointSec Mobile Technologies AB, OU=Product Operations - Product Management, O=PointSec Mobile Technologies AB, L=Stockholm, S=Stockholm, C=SE

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
212359

File PE Metadata
Compilation timestamp:
12/4/2006 10:45:43 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:DnesenCSVTGsem9Kora+G6Zz97VVD6YQy0EcFdzv0JjORTpRBX+RaPnOQfQKQhQR:DneX3VqQjra6ZpD6YWEcFdzv0oRwqn7

Entry address:
0x80C1B

Entry point:
55, 8B, EC, 6A, FF, 68, A8, DA, 4A, 00, 68, A8, 4C, 48, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 48, 31, 4A, 00, 33, D2, 8A, D4, 89, 15, E4, 8D, 4C, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, E0, 8D, 4C, 00, C1, E1, 08, 03, CA, 89, 0D, DC, 8D, 4C, 00, C1, E8, 10, A3, D8, 8D, 4C, 00, 6A, 01, E8, 50, 53, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 91, 14, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...
 
[+]

Entropy:
6.4233

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
648 KB (663,552 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Pointsec Tray

Command:
C:\Program Files\pointsec\pointsec for pc\p95tray.exe


Scan P95Tray.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.