home

sentrybayupdate.exe9f65a

SentryBay Update

SentryBay Corporation

Publisher:
SentryBay  (signed by SentryBay Corporation)

Product:
SentryBay Update

Description:
SentryBay Installer

Version:
1.0.0.7796

MD5:
fca8bc3c786af05fd64a84b3b01e36a9

SHA-1:
df3dc527deade724cf5c3dfdc33c289539ce265a

SHA-256:
73c9222af6408b57c6303b2e9c9b2b7ddbd20690fb36fcf22a080ebb4df25ad4

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/23/2024 7:04:05 AM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Trojan.GenericKDV!6.B5C
23.00.65.14304

File size:
145.4 KB (148,872 bytes)

Product version:
1.0.0.7796

Copyright:
Copyright 2007-2009 SentryBay

Original file name:
SentryBayUpdate.exe

Language:
English (United States)

Common path:
C:\windows\temp\sentrybayupdate.exe9f65a

Digital Signature
Signed by:
SentryBay Corporation

Authority:
VeriSign, Inc.

Valid from:
5/18/2012 8:00:00 PM

Valid to:
5/21/2013 7:59:59 PM

Subject:
CN=SentryBay Corporation, OU=Security, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=SentryBay Corporation, L=Auckland, S=Auckland, C=NZ

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
67D108EAC6BF731058589A610F900100

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to qj-in-f121.1e100.net  (173.194.206.121:80)

TCP (HTTP):
Connects to qb-in-f141.1e100.net  (74.125.238.141:80)

Scan sentrybayupdate.exe9f65a - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.