home

TeViiRC.exe

TeVii Remote Control

TeVii Technology Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘TeViiRC’.
Publisher:
TeVii Technology Ltd.  (signed and verified)

Product:
TeVii Remote Control

Version:
1.0.0

MD5:
68e5ff0c9e2847032097f3f4e2acb712

SHA-1:
8c1f5845bbbac4661d2818d6aba1d7afcda2cf5c

SHA-256:
6dca86a5dd65eea5c7b129ab80719c0269c5255391ac9869e2316869bc3aa581

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 6:19:39 PM UTC  (today)

File size:
320.4 KB (328,056 bytes)

Product version:
1.0.0

Copyright:
Copyright (C) 2010 TeVii Technology Ltd.

Original file name:
TeViiRC.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\windows\teviirc.exe

Digital Signature
Signed by:
TeVii Technology Ltd.

Authority:
GlobalSign nv-sa

Valid from:
5/26/2008 11:35:54 AM

Valid to:
5/26/2010 11:35:54 AM

Subject:
E=matthias@tevii.com, CN=TeVii Technology Ltd., O=TeVii Technology Ltd., C=BZ

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000011A24959BDE

File PE Metadata
Compilation timestamp:
4/21/2010 10:04:33 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:QhaJfFqyJTrUlj5d0P/xbeyaM73I4j3E509omaRcw5+JNWBu:bTr05q773Ic3E5j7cC+Ku

Entry address:
0x227BD

Entry point:
E8, 2E, 86, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, 56, 8B, 44, 24, 14, 0B, C0, 75, 28, 8B, 4C, 24, 10, 8B, 44, 24, 0C, 33, D2, F7, F1, 8B, D8, 8B, 44, 24, 08, F7, F1, 8B, F0, 8B, C3, F7, 64, 24, 10, 8B, C8, 8B, C6, F7, 64, 24, 10, 03, D1, EB, 47, 8B, C8, 8B, 5C, 24, 10, 8B, 54, 24, 0C, 8B, 44, 24, 08, D1, E9, D1, DB, D1, EA, D1, D8, 0B, C9, 75, F4, F7, F3, 8B, F0, F7, 64, 24, 14, 8B, C8, 8B, 44, 24, 10, F7, E6, 03, D1, 72, 0E, 3B, 54, 24, 0C, 77, 08, 72, 0F, 3B, 44, 24, 08, 76, 09...
 
[+]

Code size:
208 KB (212,992 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
TeViiRC

Command:
C:\windows\teviirc.exe


Scan TeViiRC.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.