home

TeViiRC.exe

TeVii Remote Control

JacTek Multimedia Co. Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘TeViiRC’.
Publisher:
TeVii Technology Ltd.  (signed by JacTek Multimedia Co. Ltd.)

Product:
TeVii Remote Control

Version:
1.0.0

MD5:
cf55c967f825b6c2a64eda77f29bc01e

SHA-1:
19a6806cc50e875f4dbea91f405ecaa3aba050a9

SHA-256:
19229e6e9d30a6bb7631f5ad0ed311fc77bcb970fd3070793ac195da05f2ba4e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 11:07:47 PM UTC  (a few moments ago)

File size:
320.3 KB (328,024 bytes)

Product version:
1.0.0

Copyright:
Copyright (C) 2010 TeVii Technology Ltd.

Original file name:
TeViiRC.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\teviirc.exe

Digital Signature
Signed by:
JacTek Multimedia Co. Ltd.

Authority:
GlobalSign nv-sa

Valid from:
10/30/2009 3:50:18 AM

Valid to:
10/30/2010 3:50:18 AM

Subject:
CN=JacTek Multimedia Co. Ltd., O=JacTek Multimedia Co. Ltd., C=TW

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
01000000000124A3450002

File PE Metadata
Compilation timestamp:
4/21/2010 10:04:33 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:XhaJfFqyJTrUlj5d0P/xbeyaM73I4j3E509omaRcw5+JNWBlr:uTr05q773Ic3E5j7cC+Klr

Entry address:
0x227BD

Entry point:
E8, 2E, 86, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, 56, 8B, 44, 24, 14, 0B, C0, 75, 28, 8B, 4C, 24, 10, 8B, 44, 24, 0C, 33, D2, F7, F1, 8B, D8, 8B, 44, 24, 08, F7, F1, 8B, F0, 8B, C3, F7, 64, 24, 10, 8B, C8, 8B, C6, F7, 64, 24, 10, 03, D1, EB, 47, 8B, C8, 8B, 5C, 24, 10, 8B, 54, 24, 0C, 8B, 44, 24, 08, D1, E9, D1, DB, D1, EA, D1, D8, 0B, C9, 75, F4, F7, F3, 8B, F0, F7, 64, 24, 14, 8B, C8, 8B, 44, 24, 10, F7, E6, 03, D1, 72, 0E, 3B, 54, 24, 0C, 77, 08, 72, 0F, 3B, 44, 24, 08, 76, 09...
 
[+]

Entropy:
6.4078

Code size:
208 KB (212,992 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
TeViiRC

Command:
C:\windows\teviirc.exe


Scan TeViiRC.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.