home

Register.exe

Register

Ancientsoft

The executable Register.exe has been detected as malware by 2 anti-virus scanners.
Publisher:
Ancientsoft  (signed and verified)

Product:
Register

Version:
1.00

MD5:
4122af5c461a991c0349b5d1772fe13b

SHA-1:
89da0b07bbb367fe9e1c05251997fd9c743178eb

SHA-256:
e489754b6da8a751dd066abe3c068c2387e1b00abdb819f5b546a3cb928940f9

Scanner detections:
2 / 68

Status:
Malware

Analysis date:
4/27/2024 2:20:31 AM UTC  (today)

Scan engine
Detection
Engine version

Clam AntiVirus
PUA.Packed.PECompact-1
0.98/18011

Reason Heuristics
Unnamed.Threat.14
14.3.6.11

File size:
28.8 KB (29,440 bytes)

Product version:
1.00

Original file name:
Register.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\osa kit pro player v4.0\register.exe

Digital Signature
Signed by:
Ancientsoft

Authority:
The USERTRUST Network

Valid from:
10/9/2008 3:00:00 AM

Valid to:
10/10/2009 2:59:59 AM

Subject:
CN=Ancientsoft, O=Ancientsoft, STREET="Al Rashidia st.,", L=Al Mahmoudia, S=Al Behira, PostalCode=22718, C=EG

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00F90F6887D93E723F462EB2CF368EFBE5

File PE Metadata
Compilation timestamp:
10/11/2008 4:36:45 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
384:qxMVcZNOz0LbC80r+gsw9toMK3OvaCDy3DJQqBh2aNV/KMLy:yL30XsqoMMM0J/a6u

Entry address:
0x1A80

Entry point:
B8, DC, 44, 41, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 85, CA, 2E, 1B, 59, 5C, 8F, C1, 6B, 67, 88, F8, 66, 18, 45, 88, EB, C9, 16, 91, B7, 67, B2, 97, 4B, FE, EB, 36, 3D, 5B, 23, 14, 71, 14, 56, FA, 8A, B6, CB, 29, B5, 42, 48, FA, 24, 02, 93, AB, 36, 8B, F3, 21, 5B, 62, A4, 0D, F1, 43, 40, 00, C4, B1, 52, 15, 4B, 77, 13, 01, A2, 63, C5, 9B, B4, C2, E7, D5, 4C, EF, 26, 64, F2, 90, 0F, 87, ED, 5E, F3, 51, 93, 89, 6C, 17, F3...
 
[+]

Entropy:
7.7105

Packer / compiler:
PECompact v2

Code size:
64 KB (65,536 bytes)

Remove Register.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.