home

P95Tray.exe

Pointsec

PointSec Mobile Technologies AB

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Pointsec Tray’.
Publisher:
PointSec Mobile Technologies AB  (signed and verified)

Product:
Pointsec

Description:
Pointsec, Tray program

Version:
6.1.3 HF1 Build 1135

MD5:
6a63f826d66495f254722ea80f3ca217

SHA-1:
a6541f41412a0d869b53ff8d95a446456e431b13

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 2:58:17 PM UTC  (today)

File size:
919.4 KB (941,424 bytes)

Product version:
Version 6.1.3 HF1

Copyright:
Copyright © 1996-2007, Pointsec Mobile Technologies AB

Original file name:
P95Tray.exe

File type:
Executable application (Win32 EXE)

Language:
Swedish

Common path:
C:\Program Files\pointsec\pointsec for pc\p95tray.exe

Digital Signature
Signed by:
PointSec Mobile Technologies AB

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
4/29/2005 9:22:44 AM

Valid to:
4/29/2007 9:22:44 AM

Subject:
CN=PointSec Mobile Technologies AB, OU=Product Operations - Product Management, O=PointSec Mobile Technologies AB, L=Stockholm, S=Stockholm, C=SE

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
212359

File PE Metadata
Compilation timestamp:
2/6/2007 5:48:12 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:XnesenCSVTGsem9Kora+G6Zz97VVD6YQy0EcFdzv0JjORTpRBX+8aPneQfQKQhQn:XneX3VqQjra6ZpD6YWEcFdzv0oRwxnl

Entry address:
0x80C1B

Entry point:
55, 8B, EC, 6A, FF, 68, A8, DA, 4A, 00, 68, A8, 4C, 48, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 48, 31, 4A, 00, 33, D2, 8A, D4, 89, 15, E4, 8D, 4C, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, E0, 8D, 4C, 00, C1, E1, 08, 03, CA, 89, 0D, DC, 8D, 4C, 00, C1, E8, 10, A3, D8, 8D, 4C, 00, 6A, 01, E8, 50, 53, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 91, 14, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...
 
[+]

Entropy:
6.4234

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
648 KB (663,552 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Pointsec Tray

Command:
C:\Program Files\pointsec\pointsec for pc\p95tray.exe


Scan P95Tray.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.