» ~su161C.exe
Overview
Analysis
File Details

~su161C.exe

Startup TOOLS

INNEO Solutions GmbH

File name:

~su161C.exe

Publisher:

INNEO Solutions GmbH (signed and verified)

Product:

Startup TOOLS

Description:

Startup TOOLS Client Helper

Version:

7.0.24.348

MD5:

c6d14bc748ac9c0bebf6f072e147c3b5

SHA-1:

194089952688a01a98d64dd33c29495563da116a

SHA-256:

eac90afacb14881bd0801ba2337d88d27642a54faeae043cb02dcdc1956b2ff3

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/19/2024 7:13:56 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Packed/PECompact

7.1.1

File size:

260.6 KB (266,856 bytes)

Product version:

2009

Trademarks:

Startup TOOLS

Original file name:

ClientHelper.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\~su161c.exe

Digital Signature

Signed by:

INNEO Solutions GmbH

Authority:

Thawte, Inc.

Valid from:

12/29/2011 1:00:00 AM

Valid to:

2/17/2014 12:59:59 AM

Subject:

CN=INNEO Solutions GmbH, OU=Projektmanagementloesungen, O=INNEO Solutions GmbH, L=Ellwangen, S=Baden-Wuerttemberg, C=DE

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

736A805BE5F3A5042349F5B281AF4259

File PE Metadata

Compilation timestamp:

6/20/1992 12:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

2.25

CTPH (ssdeep):

6144:JBLLm4MuU4VkJZF2HYtvJr2Bw8nkgKtxp5bd5eVWsGI7h:JBCuU4UfCsF2BIV55dI7h

Entry address:

0x1000

Entry point:

B8, 98, 76, 4D, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, E1, E6, 65, C1, 3A, F6, 83, 47, F1, 13, 84, EB, 86, D5, 2F, 56, 4B, C6, E0, C1, 93, 86, 0C, 7A, B9, CD, 12, 7E, 27, 4C, 9D, 75, B4, D0, 4F, F7, 89, 9F, 7B, 47, BF, 78, A9, 25, 6D, C6, A4, E6, B6, 29, 0A, 02, E7, 45, A4, 08, 06, C2, 95, 3F, 70, 92, 2C, 99, 36, 48, F1, C9, 76, 3D, A0, 69, FE, 8E, DE, C0, E4, CF, 2A, EB, 75, BB, 8C, C5, E7, 04, 7C, 46, C9, 0F, EC, 9B, 25... 
[+]

Packer / compiler:

PECompact v2

Code size:

517 KB (529,408 bytes)

Scan ~su161C.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.