home

pt2000Relay.exe

Pantum P2000 Series

Zhuhai Seine Technology Co., Ltd

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Pantum P2000 Series Printer’.
Publisher:
Seine Technology Co.,Ltd.  (signed by Zhuhai Seine Technology Co., Ltd)

Product:
Pantum P2000 Series

Description:
pt2000Relay

Version:
5.1.2.3

MD5:
2c70a37cd6583a24b86284e279b43d4b

SHA-1:
9781fd90a6663c0e89dfc00638f55162becebbe3

SHA-256:
72a2a7136960f24c221e3e95c62f5fb3ad37c929d6d8fb1733fa7bfaa788b1bf

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 9:37:35 PM UTC  (today)

File size:
65.6 KB (67,128 bytes)

Product version:
5.1.2.3

Copyright:
Copyright (C) 2006-2010 Seine Technology Co.,Ltd All rights reserved.

Original file name:
pt2000Relay.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\pt2000relay.exe

Digital Signature
Signed by:
Zhuhai Seine Technology Co., Ltd

Authority:
VeriSign, Inc.

Valid from:
1/16/2012 6:00:00 PM

Valid to:
1/16/2015 5:59:59 PM

Subject:
CN="Zhuhai Seine Technology Co., Ltd", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Zhuhai Seine Technology Co., Ltd", L=ZhuHai, S=GuangDong, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
012566AAF83B582DDE2375C4EFBE7A5D

File PE Metadata
Compilation timestamp:
5/5/2011 8:36:33 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
768:gARTSIsACbyc23IAxjpmx29QZwdGZOjfrxcr2LFDSrgu98Plbqvm86ry8UY5nf3G:ggu9Ao6jkwo8Drar2JmrGPl3ye5nf3G

Entry address:
0x25FC

Entry point:
E8, 01, 3D, 00, 00, E9, 78, FE, FF, FF, B8, 98, F1, 40, 00, C3, A1, 80, 1D, 41, 00, 56, 6A, 14, 5E, 85, C0, 75, 07, B8, 00, 02, 00, 00, EB, 06, 3B, C6, 7D, 07, 8B, C6, A3, 80, 1D, 41, 00, 6A, 04, 50, E8, AA, 3D, 00, 00, 59, 59, A3, 60, 0D, 41, 00, 85, C0, 75, 1E, 6A, 04, 56, 89, 35, 80, 1D, 41, 00, E8, 91, 3D, 00, 00, 59, 59, A3, 60, 0D, 41, 00, 85, C0, 75, 05, 6A, 1A, 58, 5E, C3, 33, D2, B9, 98, F1, 40, 00, EB, 05, A1, 60, 0D, 41, 00, 89, 0C, 02, 83, C1, 20, 83, C2, 04, 81, F9, 18, F4, 40, 00, 7C, EA, 6A...
 
[+]

Code size:
42.5 KB (43,520 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Pantum P2000 Series Printer

Command:
C:\Windows\System32\pt2000relay.exe


Scan pt2000Relay.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.