home

SurDoc.exe

SurDoc

SurDoc Corp.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘SurDoc’.
Publisher:
SurDoc Corp.  (signed and verified)

Product:
SurDoc

Version:
2. 0. 0. 35

MD5:
219b926a4e66c1f3b80a954719346353

SHA-1:
c1eb6dcbeb2a6775920ae48da27b39fb13f00ae1

SHA-256:
7beed4a42cae362fafc767b25ac34b1b4dd1197cdb3e9e36af916139512495cc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/7/2024 3:33:32 AM UTC  (today)

File size:
6.2 MB (6,536,360 bytes)

Product version:
2. 0. 0. 35

Copyright:
Copyright (C) 2012, SurDoc

Original file name:
SurDoc.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States d'America)

Common path:
C:\Program Files\surdoc\surdoc\surdoc.exe

Digital Signature
Signed by:
SurDoc Corp.

Authority:
DigiCert Inc

Valid from:
4/6/2012 2:00:00 AM

Valid to:
6/9/2014 2:00:00 PM

Subject:
CN=SurDoc Corp., O=SurDoc Corp., L=Menlo Park, S=California, C=US

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
07648F4CB018640781FABB654EE36A25

File PE Metadata
Compilation timestamp:
5/20/2013 9:58:28 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:Bny0RirElfTlSb9g2ni9Q9Pia2agod2Hqx5vScfIhHFT2ah1taWt1tx:liwZ4x2od2HA5acfIhHFT2ah1taWt1tx

Entry address:
0x14E9C7

Entry point:
E8, 01, 85, 00, 00, E9, 79, FE, FF, FF, 3B, 0D, 70, A6, 5D, 00, 75, 02, F3, C3, E9, 83, 85, 00, 00, 8B, FF, 55, 8B, EC, 56, 8B, 75, 14, 57, 33, FF, 3B, F7, 75, 04, 33, C0, EB, 65, 39, 7D, 08, 75, 1B, E8, CC, 3B, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, 76, 0B, 00, 00, 83, C4, 14, 8B, C6, EB, 45, 39, 7D, 10, 74, 16, 39, 75, 0C, 72, 11, 56, FF, 75, 10, FF, 75, 08, E8, 66, 61, 00, 00, 83, C4, 0C, EB, C1, FF, 75, 0C, 57, FF, 75, 08, E8, 95, 33, 00, 00, 83, C4, 0C, 39, 7D, 10, 74, B6, 39, 75, 0C, 73...
 
[+]

Code size:
1.5 MB (1,575,424 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
SurDoc

Command:
C:\Program Files\surdoc\surdoc\surdoc.exe


Scan SurDoc.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.