home

SqlServerIpconfig.EXE

SqlServerIpconfig 应用程序

Farstone Technology Inc

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘VirtualDrive Network Server’.
Publisher:
FarStone Technology Inc.  (signed by Farstone Technology Inc)

Product:
SqlServerIpconfig 应用程序

Description:
Sql Server Ip Config

Version:
1, 0, 0, 1

MD5:
a9a716ead06d6623071ee52e8a536964

SHA-1:
7107f0da53fd47b6230fef83f8deef933555c3ed

SHA-256:
680a93388ddf4cb8efbc078bbf8d52d328cf7246f22f33e04d9f2aa52d8183e5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 10:13:20 AM UTC  (today)

File size:
34.5 KB (35,344 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 1993-2008 FarStone Technology Inc.

Original file name:
SqlServerIpconfig.EXE

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Digital Signature
Signed by:
Farstone Technology Inc

Authority:
VeriSign, Inc.

Valid from:
9/2/2008 3:00:00 AM

Valid to:
9/3/2009 2:59:59 AM

Subject:
CN=Farstone Technology Inc, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Farstone Technology Inc, L=Irvine, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0CBC293F8E24848F085261525258CAEF

File PE Metadata
Compilation timestamp:
6/17/2008 9:19:42 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
192:xCeZWmnAVuxlkNRhbtwVJWlhbtEP1oynLWozsJ8N3OCAdyowJL/aMjGwP7pMye1G:IeoZNm91MowzHYJLWqerbw6jVa

Entry address:
0x1E30

Entry point:
55, 8B, EC, 6A, FF, 68, 70, 34, 40, 00, 68, B6, 1F, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, AC, 31, 40, 00, 59, 83, 0D, 20, 42, 40, 00, FF, 83, 0D, 24, 42, 40, 00, FF, FF, 15, EC, 31, 40, 00, 8B, 0D, 14, 42, 40, 00, 89, 08, FF, 15, B8, 31, 40, 00, 8B, 0D, 10, 42, 40, 00, 89, 08, A1, BC, 31, 40, 00, 8B, 00, A3, 1C, 42, 40, 00, E8, 16, 01, 00, 00, 39, 1D, 30, 41, 40, 00, 75, 0C, 68, B2, 1F, 40, 00, FF, 15, C0, 31...
 
[+]

Entropy:
4.0647

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
8 KB (8,192 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
VirtualDrive Network Server

Command:
"C:\vdn\files\sqlserveripconfig.exe" \autorestore


Scan SqlServerIpconfig.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.