RadeonSettings.exe

Radeon Settings

Advanced Micro Devices, Inc.

It is set to execute automatically when any user logs into Windows, through the local user Run registry setting, under the name ‘StartCN’.

Publisher:
Advanced Micro Devices, Inc.  (signed and verified)

Product:
Radeon Settings

Description:
Radeon Settings: Host Application

Version:
10,01,01,1623

MD5:
9de649955c9db00639c5a21811599a8d

SHA-1:
a721d19272b5975a30011788fe86fa021fa67fdc

SHA-256:
cc9c73cb8986cd0beb327247773e2a6e93ed813e6d4df27bce05304209ccf59e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 10:30:57 PM UTC

File size:
4.8 MB (5,002,952 bytes)

Product version:
10,01,01,1623

Copyright:
Copyright (C) 2015 Advanced Micro Devices, Inc.

Original file name:
RadeonSettings.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\amd\cnext\cnext\radeonsettings.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
4/2/2013 8:00:00 PM

Valid to:
6/1/2016 7:59:59 PM

Subject:
CN="Advanced Micro Devices, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Advanced Micro Devices, Inc.", L=Sunnyvale, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4CD9E755850C1372B48DC182A7308BAB

File PE Metadata
Compilation timestamp:
2/13/2016 7:32:19 PM

OS version:
6.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
98304:UHATPy6X30ofZzYlZ204SHF1gJ69iEnqv2p:UHATPy6X30ofZzYlZ204SHF1gJuiqqvc

Entry address:
0x16CAE4

Entry point:
48, 83, EC, 28, E8, 63, 03, 00, 00, 48, 83, C4, 28, E9, 02, 00, 00, 00, CC, CC, 48, 8B, C4, 48, 89, 58, 08, 48, 89, 70, 10, 57, 48, 83, EC, 30, 48, 83, 60, F0, 00, 83, 60, E8, 00, FF, 15, A1, A9, 01, 00, 0F, B7, F0, 65, 48, 8B, 0C, 25, 30, 00, 00, 00, 48, 8B, 51, 08, 33, DB, 33, C0, F0, 48, 0F, B1, 15, 7C, 6C, 2F, 00, 74, 0E, 48, 3B, C2, 75, 07, BB, 01, 00, 00, 00, EB, 02, EB, E5, 8B, 05, 6E, 6C, 2F, 00, 83, F8, 01, 75, 0A, 8D, 48, 1E, E8, 17, 02, 00, 00, EB, 3F, 8B, 05, 59, 6C, 2F, 00, 85, C0, 75, 2B, C7...
 
Entropy:
6.0250

Code size:
1.5 MB (1,595,904 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
StartCN

Command:
"C:\Program Files\amd\cnext\cnext\radeonsettings.exe" atlogon