home

quarrikldete_txzy

Quarri Agent

Quarri Technologies, Inc.

Publisher:
Quarri Technologies, Inc.  (signed and verified)

Product:
Quarri Agent

Description:
Quarri Agent Keylogger Detection Library

Version:
6, 7, 0, 269

MD5:
10982e62e8a77559b3b19b241c944447

SHA-1:
e569d8851114c237101aa0a819a9b9e5f97cbe0d

SHA-256:
77fb18e33a2033779587a8ded703d127ecea1ed62e0abf17aab070c265538b32

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/6/2024 6:08:54 AM UTC  (today)

File size:
217 KB (222,256 bytes)

Product version:
6, 7, 0, 269

Copyright:
Copyright © 2015, Quarri Technologies, Inc.

Original file name:
QuarriAgentKLDetect.dll

Language:
English (United States)

Common path:
C:\ProgramData\application data\quarriagent_tmp\quarrikldete_txzy

Digital Signature
Signed by:
Quarri Technologies, Inc.

Authority:
GoDaddy.com, Inc.

Valid from:
9/23/2015 9:03:41 AM

Valid to:
10/20/2016 2:16:10 PM

Subject:
CN="Quarri Technologies, Inc.", O="Quarri Technologies, Inc.", L=Austin, S=Texas, C=US

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
00B628CC7515B37FEC

File PE Metadata
Compilation timestamp:
6/6/2016 1:02:32 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:EGX1+VWvsdHmIvXyWIW8VoPFrLdu97zLnO7NPWOmgUDwNJ1RFpXMLjyncYuCSzqe:EG0V3b4oInTpgCeP+jync9Cjil

Entry address:
0x13E10

Entry point:
55, 8B, EC, 83, 7D, 0C, 00, 75, 0D, 83, 7D, 10, 00, 74, 07, B8, 01, 00, 00, 00, EB, 11, 8B, 45, 10, 50, 8B, 4D, 0C, 51, 8B, 55, 08, 52, E8, 27, D9, 00, 00, 5D, C2, 0C, 00, CC, CC, CC, CC, CC, 55, 8B, EC, 51, 89, 4D, FC, 8B, 45, 08, 50, 8B, 4D, FC, E8, BD, 07, 00, 00, 8B, E5, 5D, C2, 04, 00, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 6A, FF, 68, F8, 69, 02, 10, 64, A1, 00, 00, 00, 00, 50, 83, EC, 08, A1, 70, 21, 03, 10, 33, C5, 50, 8D, 45, F4, 64, A3, 00, 00, 00, 00, 89, 4D, EC, 8B, 45, 08, 83, C0, 18, 51, 8B...
 
[+]

Entropy:
6.3139

Developed / compiled with:
Microsoft Visual C++

Code size:
162 KB (165,888 bytes)

Scan quarrikldete_txzy - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.