home

TeViiRC.exe

TeVii Remote Control

JacTek Multimedia Co.,Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘TeViiRC’.
Publisher:
TeVii Technology Ltd.  (signed by JacTek Multimedia Co.,Ltd.)

Product:
TeVii Remote Control

Version:
1.0.0

MD5:
0b9c663f2ffaa4395480e442ab7070c2

SHA-1:
be66313235d0e14b11e762c1fe8f5ad61a30a65a

SHA-256:
ceb4b9d65bf89f5e258cc90e2d53932f34c9f846daceb292d07b5d833cef464a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 2:35:54 PM UTC  (today)

File size:
320.6 KB (328,328 bytes)

Product version:
1.0.0

Copyright:
Copyright (C) 2010 TeVii Technology Ltd.

Original file name:
TeViiRC.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\windows\teviirc.exe

Digital Signature
Signed by:
JacTek Multimedia Co.,Ltd.

Authority:
GlobalSign nv-sa

Valid from:
10/29/2010 3:15:18 AM

Valid to:
10/29/2011 3:15:18 AM

Subject:
CN="JacTek Multimedia Co.,Ltd.", O="JacTek Multimedia Co.,Ltd.", C=TW

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000012BF5A1F51E

File PE Metadata
Compilation timestamp:
4/21/2010 10:04:33 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:MhaJfFqyJTrUlj5d0P/xbeyaM73I4j3E509omaRcw5+JNWBiz:PTr05q773Ic3E5j7cC+Kiz

Entry address:
0x227BD

Entry point:
E8, 2E, 86, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, 56, 8B, 44, 24, 14, 0B, C0, 75, 28, 8B, 4C, 24, 10, 8B, 44, 24, 0C, 33, D2, F7, F1, 8B, D8, 8B, 44, 24, 08, F7, F1, 8B, F0, 8B, C3, F7, 64, 24, 10, 8B, C8, 8B, C6, F7, 64, 24, 10, 03, D1, EB, 47, 8B, C8, 8B, 5C, 24, 10, 8B, 54, 24, 0C, 8B, 44, 24, 08, D1, E9, D1, DB, D1, EA, D1, D8, 0B, C9, 75, F4, F7, F3, 8B, F0, F7, 64, 24, 14, 8B, C8, 8B, 44, 24, 10, F7, E6, 03, D1, 72, 0E, 3B, 54, 24, 0C, 77, 08, 72, 0F, 3B, 44, 24, 08, 76, 09...
 
[+]

Entropy:
6.4101

Code size:
208 KB (212,992 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
TeViiRC

Command:
C:\windows\teviirc.exe


Scan TeViiRC.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.