» StartScreen.exe
Overview
Analysis
File Details

StartScreen.exe

StartIsBack

STANISLAV ZINUKHOV

File name:

StartScreen.exe

Publisher:

www.startisback.com (signed by STANISLAV ZINUKHOV)

Product:

StartIsBack

Description:

Start Screen Launcher

Version:

2.0.0

MD5:

e7996f4af49b033d1ce6b11965fc42ff

SHA-1:

03aa3741881ad8354b4a3d47d583d16f3801345a

SHA-256:

1ece2f1eacedfb88738aa2e81dd91517125a996bd357bfd79bda0a3b1619f655

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/23/2024 5:53:56 PM UTC (today)

File size:

34.9 KB (35,712 bytes)

Product version:

2.0.0

Original file name:

StartScreen.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\startisback\startscreen.exe

Digital Signature

Signed by:

STANISLAV ZINUKHOV

Authority:

StartCom Ltd.

Valid from:

11/26/2012 2:32:52 AM

Valid to:

11/27/2014 7:00:32 AM

Subject:

E=tihiy.mozg@gmail.com, CN=STANISLAV ZINUKHOV, L=Moscow, S=Moscow City, C=RU, Description=eSmLh1eo0jo6RFA5

Issuer:

CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:

0817

File PE Metadata

Compilation timestamp:

3/11/2013 6:00:04 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

384:jpQ/kXQ7T9bMj2jYjYj2jWj4jLcjfe0j2jYjYj2jWj4jLcjfsZvGBnYPLoVVP0V2:NQ/iQ/9kADGB1VVP0mMXI

Entry address:

0x1620

Entry point:

55, 8B, EC, 83, E4, F8, 56, 57, 6A, 00, FF, 15, 5C, 10, 40, 00, 8B, 35, 14, 10, 40, 00, 68, 64, 12, 40, 00, FF, D6, 8B, 3D, 50, 10, 40, 00, 50, FF, D7, 85, C0, 74, 0C, 6A, 01, E8, EF, FC, FF, FF, 83, C4, 04, EB, 1F, 68, 70, 12, 40, 00, FF, D6, 50, FF, D7, 85, C0, 74, 0C, 6A, 00, E8, D5, FC, FF, FF, 83, C4, 04, EB, 05, E8, 5B, FC, FF, FF, FF, 15, 58, 10, 40, 00, 6A, 00, FF, 15, 10, 10, 40, 00, CC, 2C, 17, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 8E, 17, 00, 00, 44, 10, 00, 00, E8, 16, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

4.1884

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

2.5 KB (2,560 bytes)

Scan StartScreen.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.