home

RAMBOOSTERREGISTER.EXE

Chris-PC RAM Booster

Chris P.C. srl

The application RAMBOOSTERREGISTER.EXE, “Chris-PC RAM Booster Registration” by Chris P.C. srl has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Chris P.C. srl  (signed and verified)

Product:
Chris-PC RAM Booster

Description:
Chris-PC RAM Booster Registration

Version:
1.0.0.0

MD5:
0e80ab8903c84ec45336616cf969d823

SHA-1:
214fa7dcba00255ee17641043830d139206197df

SHA-256:
98c883e94fb0b59da490d2360be9287834e76f64f8defea25c96502003e93974

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/16/2024 9:12:18 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.ChrisPCsrl (M)
16.1.31.21

File size:
1.9 MB (2,016,240 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2014 Chris P.C. srl

Original file name:
RAMBOOSTERREGISTER.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\chris-pc ram booster\ramboosterregister.exe

Digital Signature
Signed by:
Chris P.C. srl

Authority:
COMODO CA Limited

Valid from:
1/8/2013 3:00:00 AM

Valid to:
1/9/2016 2:59:59 AM

Subject:
CN=Chris P.C. srl, O=Chris P.C. srl, STREET=Nicolae Cristea 25/8, L=Cluj-Napoca, S=Cluj, PostalCode=400184, C=RO

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
319A47CF0068FDF122C7AC1163A961B8

File PE Metadata
Compilation timestamp:
12/17/2014 4:39:31 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:6kdV+f5c7zxYSJhUagnhFD3Lf+T5zQQQQQQQQQQQ71Hnse:K5c7z0hFD37UQQQQQQQQQQQRMe

Entry address:
0x147814

Entry point:
55, 8B, EC, 83, C4, F0, B8, 04, EC, 53, 00, E8, 60, 2A, EC, FF, B2, 01, B8, 9C, 78, 54, 00, E8, 0C, 4F, FF, FF, 84, C0, 75, 56, A1, 2C, 01, 55, 00, 8B, 00, E8, B4, 82, F7, FF, A1, 2C, 01, 55, 00, 8B, 00, B2, 01, E8, E2, 9F, F7, FF, 8B, 0D, 60, 00, 55, 00, A1, 2C, 01, 55, 00, 8B, 00, 8B, 15, A4, DA, 53, 00, E8, A6, 82, F7, FF, 8B, 0D, 34, FD, 54, 00, A1, 2C, 01, 55, 00, 8B, 00, 8B, 15, BC, C9, 53, 00, E8, 8E, 82, F7, FF, A1, 2C, 01, 55, 00, 8B, 00, E8, D2, 83, F7, FF, E8, 89, E6, EB, FF, 00, B0, 04, 02, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
1.3 MB (1,336,320 bytes)

Remove RAMBOOSTERREGISTER.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.