home

regorganizer.exe

Reg Organizer

Konstantin Polyakov

Publisher:
ChemTable Software  (signed by Konstantin Polyakov)

Product:
Reg Organizer

Version:
5.0.0.0

MD5:
4f03038e232016d79ea66ac0894c7f6d

SHA-1:
d15feccf58cc186f4b7ff778e4b303f83c0fa5c9

SHA-256:
a366dd423ff998991572c1edf3a05b3562c29646411e8797bb83dbbf90f05a26

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/20/2024 5:13:34 AM UTC  (today)

Scan engine
Detection
Engine version

F-Prot
W32/Heuristic-210
v6.4.5.1.85

Trend Micro House Call
WORM_BAGLE.BMH
7.2.328

File size:
2.7 MB (2,851,520 bytes)

Product version:
5.0 Beta 5

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\reg organizer\reg organizer 1\regorganizer.exe

Digital Signature
Signed by:
Konstantin Polyakov

Authority:
The USERTRUST Network

Valid from:
6/22/2009 5:00:00 PM

Valid to:
6/23/2010 4:59:59 PM

Subject:
CN=Konstantin Polyakov, O=Konstantin Polyakov, STREET="Mira str., 36-18", L=Ekaterinburg, S=N/A, PostalCode=620078, C=RU

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00975D70435BCFE7E20AC00DD74BA0CB32

File PE Metadata
Compilation timestamp:
10/25/2009 11:47:16 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
49152:IYLD3/mbtYrv6z6TtztWc/M7K4F6cKa5xp:zHObtYrv6+dM+4F63a5n

Entry address:
0x1000

Entry point:
68, 01, 30, 9C, 00, E8, 01, 00, 00, 00, C3, C3, 2F, BC, 5A, 78, B7, FD, CE, FA, 1F, B2, C1, 71, D7, 6A, 6C, ED, 07, 25, 59, 8F, CE, 97, 29, C8, C0, 26, 4E, 81, 06, 44, D7, 41, 61, 5C, 3C, 42, E7, ED, 82, 2D, 2E, DF, D5, ED, D2, 31, 8B, 55, 09, FC, 7F, F7, 10, 34, F2, 80, D9, ED, 67, 98, 4D, A8, 6B, 26, C1, B3, AF, 43, 50, DD, A5, C1, 6A, 87, 3D, 0D, 07, F7, 56, C5, 43, F9, 07, E8, 5E, 9D, 02, 83, 69, C8, 7B, 3F, 6F, 75, 71, AF, A5, F8, 1B, 1F, 39, 71, 76, CD, 86, 96, 6B, 29, 34, 29, 9F, 8C, 16, AA, 8D, 02...
 
[+]

Entropy:
7.2258

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
3.3 MB (3,452,928 bytes)

Scan regorganizer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.