home

tccargo.exe

TC Login

TimoCom Soft- und Hardware GmbH

This is a setup program which is used to install the application. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘TC Login’. The file has been seen being downloaded from www.google.com and multiple other hosts.
Publisher:
TimoCom Soft- und Hardware GmbH

Product:
TC Login

Version:
1.3.2.0

MD5:
889a0b2bc5d20ddb1ae7725c50d34567

SHA-1:
0a81bf16a7b34ab9bb4436ea6099bb09430e0cb7

SHA-256:
0162cea1872bd7b3700fe64fb93da8ec0b7b608173b9c930bfece994695c299a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 6:53:47 AM UTC  (today)

File size:
1.2 MB (1,215,488 bytes)

Product version:
1.0.0.0

Copyright:
TimoCom Soft- und Hardware GmbH 2005-2009

Original file name:
tccargo.exe

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:Cut+16MNPC/UVBQWuDfqunbDZaYbWmYUkQgT011F9uXWn:xt+16MYmhWVUdlT01LP

Entry address:
0x35B6F0

Entry point:
60, BE, 00, 80, 63, 00, 8D, BE, 00, 90, DC, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 19, 8B, 1E, 83, EE, FC, 11, DB, 72, 10, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 78, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11...
 
[+]

Entropy:
7.8969

Packer / compiler:
UPX 2.90LZMA]

Code size:
1.1 MB (1,196,032 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
TC Login

Command:
C:\tccargo\tccargo.exe --autostart


The file tccargo.exe has been seen being distributed by the following 4 URLs.

https://www.google.com/url?hl=es&q=http://my.timocom.com/WWW/TCO/update/.../tccargo.exe&source=gmail&ust=1476884347496000&usg=AFQjCNHLWwM9YU41IZQzNWSdzPu5TGnL3g

http://www.timocom.pl/download

https://my.timocom.com/WWW/TCO/update/.../tccargo.exe

http://my.timocom.com/WWW/TCO/update/.../tccargo.exe

Scan tccargo.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.