» regorganizer.exe
Overview
Analysis
File Details

regorganizer.exe

Reg Organizer

Konstantin Polyakov

File name:

regorganizer.exe

Publisher:

ChemTable Software (signed by Konstantin Polyakov)

Product:

Reg Organizer

Version:

5.0.0.0

MD5:

1fb1f7cf727596555b8f753af15b1f4a

SHA-1:

ba161f1f9e0031516a6663f0f2301201ac64a2d6

SHA-256:

5a8127a3792ba75d1079eb544b031ab92d6f1104f8d98b711e8138e6d6f24b31

Scanner detections:

3 / 68

Status:

Clean (3 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/20/2024 1:24:34 AM UTC (today)

Scan engine

Detection

Engine version

Clam AntiVirus

PUA.Packed.ASPack212

0.98/171

F-Prot

W32/Heuristic-210

v6.4.5.1.85

Trend Micro House Call

WORM_BAGLE.BMH

7.2.351

File size:

2.7 MB (2,864,320 bytes)

Product version:

5.0 Beta 6

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\total sysadmin pro\utilites\reg organizer\app\regorganizer.exe

Digital Signature

Signed by:

Konstantin Polyakov

Authority:

The USERTRUST Network

Valid from:

6/23/2009 3:00:00 AM

Valid to:

6/24/2010 2:59:59 AM

Subject:

CN=Konstantin Polyakov, O=Konstantin Polyakov, STREET="Mira str., 36-18", L=Ekaterinburg, S=N/A, PostalCode=620078, C=RU

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

00975D70435BCFE7E20AC00DD74BA0CB32

File PE Metadata

Compilation timestamp:

11/11/2009 1:58:18 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

5.0

CTPH (ssdeep):

49152:id59p9M9nOdVKZwS9CT9LBJikpK/M754F68K2tpr:id5L9gOdVKH9CT97uMd4F6X2t9

Entry address:

0x1000

Entry point:

68, 01, 10, 9D, 00, E8, 01, 00, 00, 00, C3, C3, FF, 79, 80, EF, 08, 22, DB, 20, 40, D6, 5D, D9, 90, CF, 13, CF, EB, AF, A1, 61, 5A, EF, 6C, C3, 19, A1, A1, DF, BA, D4, 89, 4F, A4, 24, D5, 0A, EE, 68, 75, CE, CB, 76, 65, 59, 8B, 9B, A2, BF, EA, B2, C3, 82, 79, 3D, 3C, 80, 3B, F0, CD, D8, BC, 1D, 53, 42, 41, BC, 37, 21, 06, F6, 53, 7C, BD, 1B, EF, 0F, BC, A4, A6, DB, EA, 13, 7D, 80, 5E, 0B, 37, 5C, 7D, BF, AD, CB, 9F, 8E, 7B, A4, 07, D6, 07, 50, C7, DB, E3, 34, BA, A7, D6, 6D, 95, 72, 46, CD, 69, 54, 11, 04... 
[+]

Packer / compiler:

ASProtect v1.2x (New Strain)

Code size:

3.3 MB (3,497,984 bytes)

Scan regorganizer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.