home

pt1000Relay.exe

Pantum P1000 Series

Zhuhai Seine Technology Co., Ltd

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Pantum P1000 Series Printer’.
Publisher:
ZhuHai Seine Technology Co.,Ltd.  (signed by Zhuhai Seine Technology Co., Ltd)

Product:
Pantum P1000 Series

Description:
pt1000Relay

Version:
3.1.4.0

MD5:
af64977b472669fcc4bb1455889b1d52

SHA-1:
73b41e3abe7e14b23e91ed734d2e736a60ec1aa9

SHA-256:
b6871502eccbcbc49aadaa9634512d3ef8c112fcb24b68ec350b3fc93eea1ea8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 3:53:41 PM UTC  (today)

File size:
72.1 KB (73,824 bytes)

Product version:
3.1.4.0

Copyright:
Copyright (C) 2006-2010 ZhuHai Seine Technology Co.,Ltd. All rights reserved.

Original file name:
pt1000Relay.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\pt1000relay.exe

Digital Signature
Signed by:
Zhuhai Seine Technology Co., Ltd

Authority:
VeriSign, Inc.

Valid from:
1/17/2012 1:00:00 AM

Valid to:
1/17/2015 12:59:59 AM

Subject:
CN="Zhuhai Seine Technology Co., Ltd", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Zhuhai Seine Technology Co., Ltd", L=ZhuHai, S=GuangDong, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
012566AAF83B582DDE2375C4EFBE7A5D

File PE Metadata
Compilation timestamp:
7/24/2012 2:56:56 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
1536:vVD/zWjBLYJm7C2pBJ65agkMH9ggTtyQcp4tCJZ5Rvg1w:vVD/zWja4C23gV/TISGZ5Nj

Entry address:
0x2B10

Entry point:
48, 83, EC, 28, E8, 27, 31, 00, 00, 48, 83, C4, 28, E9, 12, FE, FF, FF, CC, CC, 48, 8B, C4, 48, 89, 58, 08, 48, 89, 68, 18, 48, 89, 70, 20, 48, 89, 50, 10, 57, 41, 54, 41, 55, 41, 56, 41, 57, 48, 83, EC, 40, 4D, 8B, 79, 08, 4D, 8B, 21, 49, 8B, 71, 38, 4D, 2B, E7, F6, 41, 04, 66, 4D, 8B, F1, 48, 8B, EA, 4C, 8B, E9, 0F, 85, DC, 00, 00, 00, 33, FF, 48, 89, 48, C8, 4C, 89, 40, D0, 39, 3E, 0F, 86, 2B, 01, 00, 00, 48, 8D, 5E, 0C, 8B, 43, F8, 4C, 3B, E0, 0F, 82, A7, 00, 00, 00, 8B, 43, FC, 4C, 3B, E0, 0F, 83, 9B...
 
[+]

Entropy:
6.2072

Code size:
43 KB (44,032 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Pantum P1000 Series Printer

Command:
C:\Windows\System32\pt1000relay.exe


Scan pt1000Relay.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.