home

sfr.exe

Glowria Video Manager

glow entertainment group

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘SFR’.
Publisher:
Glowria  (signed by glow entertainment group)

Product:
Glowria Video Manager

Version:
3.4.2.4

MD5:
cec5152abf6b1594ce06f4ebe8ab6804

SHA-1:
51cfe3f06b486f0cace50135fce152bde4db5c99

SHA-256:
2bfe43e0d005dd9b52b17cb7d8459a044214aabbd62579f0a44416268e23251c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 5:06:25 PM UTC  (today)

File size:
932.1 KB (954,456 bytes)

Product version:
3.4.2.4

Copyright:
(c) 2009 Glow Entertainment Group S.A. All rights reserved.

Original file name:
AMServer.exe

File type:
Executable application (Win32 EXE)

Language:
French (France)

Common path:
C:\Program Files\sfr\sfr.exe

Digital Signature
Signed by:
glow entertainment group

Authority:
GlobalSign nv-sa

Valid from:
2/9/2009 6:33:29 PM

Valid to:
2/9/2010 6:33:29 PM

Subject:
E=it.contact@glowria.fr, CN=glow entertainment group, O=glow entertainment group, C=FR

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000011F5C509E07

File PE Metadata
Compilation timestamp:
9/25/2009 4:33:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:O20NK8nojfLr1opwll4Og0GFFzk4s/jSBh6/MHuFQoROMIptPdJZXW:O20NlnUqpw404G4srSGkHuFQxtptY

Entry address:
0x7A957

Entry point:
E8, 9E, D3, FC, FF, E9, 17, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 57, 56, 8B, 75, 0C, 8B, 4D, 10, 8B, 7D, 08, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, A4, 01, 00, 00, 81, F9, 00, 01, 00, 00, 72, 1F, 83, 3D, E4, BD, 4D, 00, 00, 74, 16, 57, 56, 83, E7, 0F, 83, E6, 0F, 3B, FE, 5E, 5F, 75, 08, 5E, 5F, 5D, E9, FA, 7C, 00, 00, F7, C7, 03, 00, 00, 00, 75, 15, C1, E9, 02, 83, E2, 03, 83, F9, 08, 72, 2A, F3, A5, FF, 24, 95, E4, AA, 47, 00, 90, 8B, C7, BA...
 
[+]

Code size:
640 KB (655,360 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
SFR

Command:
"C:\Program Files\sfr\sfr.exe" \check


Scan sfr.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.