home

rcp_enrest79_sec.exe

RegClean-Pro

Systweak Inc

This is a setup program which is used to install the application. The file has been seen being downloaded from cloudfront.systweak.com.
Publisher:
Systweak Inc

Product:
RegClean-Pro

Description:
RegClean Pro

Version:
RegClean Pro

MD5:
9e45d0ac0a763ae97126ae41cdf458c5

SHA-1:
49c906b5306a9048d6a9aab721d851b653f1b09c

SHA-256:
4fb57a404875772f5d24f0e15c79193c3104a526388cf1cc35b65cd474b45233

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/16/2024 6:13:07 PM UTC  (today)

File size:
4.9 MB (5,124,664 bytes)

Product version:
6.21

Copyright:
© Systweak Inc

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\rcp_enrest79_sec.exe

File PE Metadata
Compilation timestamp:
10/13/2013 11:19:32 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:f03Km1xfGfJ38+fbHsO3WTg3W4+RZ5jLRawxtxdg3EHDS/4WF4t65DxlA:c3v1NMJ3xbMVc3W4+RZTawx/ae7PtiFi

Entry address:
0x113BC

Entry point:
60, F2, FE, C5, B5, A6, C7, C2, A4, 7C, 68, 78, F6, C7, 38, 71, 04, 31, DE, 84, E7, EB, 08, 89, CB, 8D, 05, 79, 7B, 46, 30, 52, 75, 08, 05, B9, 86, 38, 9D, 8B, F5, 43, E8, 00, 00, 00, 00, 5F, F7, C2, 2A, 36, DF, 0E, EB, 09, 8D, 35, 4A, 72, C6, 4B, F6, C2, 63, EB, 05, 87, F2, 0F, AF, C1, 56, 68, 62, 55, A3, 00, 81, D8, A0, 92, DD, C5, EB, 07, C7, C0, 41, A1, E4, 29, F3, 57, 68, 7A, BE, BB, 00, 81, FA, 6F, 12, 00, 00, 70, 03, C6, C5, 0A, 08, D7, C6, C2, 05, 8A, D1, FE, C9, 69, CD, 45, 79, 86, 19, 86, F5, 10...
 
[+]

Entropy:
7.9892  (probably packed)

Code size:
63.5 KB (65,024 bytes)

The file rcp_enrest79_sec.exe has been seen being distributed by the following URL.

http://cloudfront.systweak.com/downloads/.../rcp_enrest79_sec.exe

Scan rcp_enrest79_sec.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.