home

SurDoc.exe

SurDoc

SurDoc Corp.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘SurDoc’.
Publisher:
SurDoc Corp.  (signed and verified)

Product:
SurDoc

Version:
2. 0. 6. 54

MD5:
730aae95d831a0e62eee5ec39754f449

SHA-1:
e4226cb9ff598b537055d0c89a76a1383948842e

SHA-256:
213231533f50227b639fd01f2c0e9ca8f3af713a937deade2d541d400761a6b5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 1:20:20 AM UTC  (today)

File size:
5.7 MB (5,953,064 bytes)

Product version:
2. 0. 6. 54

Copyright:
Copyright (C) 2013, SurDoc

Original file name:
SurDoc.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\surdoc\surdoc.exe

Digital Signature
Signed by:
SurDoc Corp.

Authority:
DigiCert Inc

Valid from:
4/5/2012 7:00:00 PM

Valid to:
6/9/2014 7:00:00 AM

Subject:
CN=SurDoc Corp., O=SurDoc Corp., L=Menlo Park, S=California, C=US

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
07648F4CB018640781FABB654EE36A25

File PE Metadata
Compilation timestamp:
9/29/2013 11:57:30 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:Ss3q5ZnxhJV/vScfIhGeFT2KYrQnhQtaWt1tbjye:Ss3yZnxXJvScfIhvFT2BUhQtaWt1tKe

Entry address:
0x49796

Entry point:
E8, 1D, 05, 00, 00, E9, 37, FD, FF, FF, 3B, 0D, 28, 90, 46, 00, 75, 02, F3, C3, E9, 9F, 05, 00, 00, 8B, FF, 55, 8B, EC, F6, 45, 08, 02, 57, 8B, F9, 74, 25, 56, 68, 84, 9E, 44, 00, 8D, 77, FC, FF, 36, 6A, 0C, 57, E8, EE, 00, 00, 00, F6, 45, 08, 01, 74, 07, 56, E8, 60, F5, FF, FF, 59, 8B, C6, 5E, EB, 14, E8, 9D, 06, 00, 00, F6, 45, 08, 01, 74, 07, 57, E8, 49, F5, FF, FF, 59, 8B, C7, 5F, 5D, C2, 04, 00, 6A, 10, 68, 80, D9, 45, 00, E8, 05, 04, 00, 00, 33, C0, 89, 45, E0, 89, 45, FC, 89, 45, E4, 8B, 45, E4, 3B...
 
[+]

Entropy:
4.3220

Code size:
327 KB (334,848 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
SurDoc

Command:
C:\Program Files\surdoc\surdoc.exe


Scan SurDoc.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.