home

PBTray.exe

ProtectBURN Trayapp

Protect Software GmbH

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘ProtectBURN Video’.
Publisher:
Protect Software GmbH  (signed and verified)

Product:
ProtectBURN Trayapp

Version:
1.0.2.4

MD5:
a6d388c65fb505c38339b273ea232e33

SHA-1:
d2fc84781852481cf25fde3ef960965aeacf3fcd

SHA-256:
384b2dd45047d04b31eef10627c1ecdf734728797f1d0a24fef3b8234c1a7369

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 4:12:57 AM UTC  (today)

File size:
1.2 MB (1,224,720 bytes)

Product version:
1.0.2.4

Copyright:
(c) Protect Software GmbH. All rights reserved.

Original file name:
PBTray.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\common files\protectburn\pbtray.exe

Digital Signature
Signed by:
Protect Software GmbH

Authority:
GlobalSign nv-sa

Valid from:
7/18/2011 4:00:33 PM

Valid to:
11/13/2013 2:33:30 PM

Subject:
E=cert@protect-software.com, CN=Protect Software GmbH, O=Protect Software GmbH, L=Dortmund, S=NRW, C=DE

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121D4C609DCCB89F9E370E24902B676D4B8

File PE Metadata
Compilation timestamp:
12/7/2012 7:05:41 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:7d4xCS0h1Pk418RlFlojHqPHXiE6m8NjWIXq/QRGDfTv:7d4AS0Xk418RvlEoSFT6YcDfTv

Entry address:
0x1AE3C3

Entry point:
E9, FE, B9, FF, FF, 28, 87, 3B, 2C, E0, D4, 05, F7, 29, 9D, 4F, 83, 76, C8, 1B, AE, C8, 5B, 09, A3, D9, E4, FC, 93, A6, F8, 8A, 1E, F0, 84, 11, 24, B1, A8, B9, F9, 6D, 81, C0, 12, F4, 8E, 72, 13, 7B, BA, CD, 5A, 72, 09, FA, CB, DC, EE, C2, 95, A9, FD, 4E, A2, 24, 0C, 9C, 13, D1, A9, 3A, 6E, FF, 6C, 6D, 5E, 53, 90, E2, 21, 14, 46, 38, 69, 5A, CC, 1D, D2, 63, 18, A8, B9, F9, 04, 68, A7, F8, F4, 8E, 72, F9, D1, B0, 41, F6, 29, 3C, 54, EB, 9E, 50, C3, 6D, D8, 44, 9D, 24, 63, B0, 41, C8, 65, 91, CF, 60, ED, 5F...
 
[+]

Entropy:
7.4528

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
184 KB (188,416 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ProtectBURN Video

Command:
C:\Program Files\common files\protectburn\pbtray.exe


Scan PBTray.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.