RSBoardDVT.exe

JOSSEN TEK DVT Drivers V7.0

Fuzhou Returnstar Technology Co.,Ltd

It is set to execute automatically when any user logs into Windows, through an entry named ‘DVT’ in the local user run registry setting.
Publisher:
JOSSEN TEKNOLOGI INDONESIA (signed by Fuzhou Returnstar Technology Co.,Ltd)

Product:
JOSSEN TEK DVT Drivers V7.0

Version:
7.0.0.0

MD5:
0a9f08c92b4690520aec684ddf9f1926

SHA-1:
8a1cf57a8491613f3560f3385b1add1921bbbb06

SHA-256:
808b034f647655f8d7975ea6a48ce7035e4252d725d989a3d0d5cd57d6e8472a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 7:57:10 AM UTC

File size:
2.2 MB (2,298,184 bytes)

Product version:
7.0.0.0

Copyright:
Copyright(C) 2003-2014 PT. JOSSEN TEKNOLOGI INDONESIA

Original file name:
RSBoardDVT.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\jossen tek dvt drivers v7.0\rsboarddvt.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
5/23/2012 7:00:00 AM

Valid to:
5/24/2015 6:59:59 AM

Subject:
CN="Fuzhou Returnstar Technology Co.,Ltd", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Fuzhou Returnstar Technology Co.,Ltd", L=Fujian, S=Fuzhou, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
049F218C42F9D0481EE774CF9C70A1BF

File PE Metadata
Compilation timestamp:
2/10/2014 1:44:07 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
49152:rguwvWSzioX4kt1iF+ub+hyDAanCAVMXQhYjk/kQvJNl:M1vFzioX4k2F+ub+hOnCAVMXQhBnB

Entry address:
0x12A51A

Entry point:
E8, F2, 74, 00, 00, E9, 7F, FE, FF, FF, 3B, 0D, F8, B0, 5A, 00, 75, 02, F3, C3, E9, B4, 07, 00, 00, FF, 35, E0, 28, 5B, 00, FF, 15, 80, 53, 55, 00, 85, C0, 74, 02, FF, D0, 6A, 19, E8, DF, 6C, 00, 00, 6A, 01, 6A, 00, E8, AE, 79, 00, 00, 83, C4, 0C, E9, C5, 79, 00, 00, 51, C7, 01, 38, FC, 57, 00, E8, A3, 7A, 00, 00, 59, C3, 55, 8B, EC, 8D, 41, 09, 50, 8B, 45, 08, 83, C0, 09, 50, E8, 02, 7A, 00, 00, F7, D8, 59, 1B, C0, 59, 40, 5D, C2, 04, 00, 55, 8B, EC, 56, 8B, F1, E8, C9, FF, FF, FF, F6, 45, 08, 01, 74, 07...

Entropy:
5.9496

Code size:
1.3 MB (1,390,080 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
DVT

Command:
"C:\Program Files\jossen tek dvt drivers v7.0\rsboarddvt.exe"

