home

TrayTips.exe

VHD Client 2.0

Xtreaming Technology Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘VHD TIPS’.
Publisher:
Xtreaming Technology Inc  (signed by Xtreaming Technology Inc.)

Product:
VHD Client 2.0

Description:
TrayTips.exe

Version:
2.0.4.8

MD5:
de4e2329a88bff2c9cfc07756dc55c69

SHA-1:
8eac442727240314003d742e15d2278e5f61aa15

SHA-256:
6ef24be56c9de58c9840c216d7297a57c940db3d6b4246b125cb024370a2204d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 10:16:40 PM UTC  (today)

File size:
37.3 KB (38,224 bytes)

Product version:
2.0.4.8

Copyright:
Copyright © 2008 Xtreaming Technology Inc.

Trademarks:
VHD is a trademark of Xtreaming Technology Inc.

Original file name:
TrayTips.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\xtreaming technology inc\vhd client 2.0\traytips.exe

Digital Signature
Signed by:
Xtreaming Technology Inc.

Authority:
VeriSign, Inc.

Valid from:
2/22/2010 7:00:00 AM

Valid to:
2/23/2012 6:59:59 AM

Subject:
CN=Xtreaming Technology Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Xtreaming Technology Inc., L=Taichung, S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
11EA9B47EDC53577340FA14E147E9132

File PE Metadata
Compilation timestamp:
11/29/2011 6:37:50 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
384:bC7xaI0Vz11zeMcuA4g5BTPicuA4g5BTP1DRWYJLmG5JbCN1e:bOaI05heMk4g5Zik4g5ZZtLTbCve

Entry address:
0x22EE

Entry point:
55, 8B, EC, 6A, FF, 68, E8, 35, 40, 00, 68, 74, 24, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, DC, 31, 40, 00, 59, 83, 0D, CC, 41, 40, 00, FF, 83, 0D, D0, 41, 40, 00, FF, FF, 15, D8, 31, 40, 00, 8B, 0D, C0, 41, 40, 00, 89, 08, FF, 15, D4, 31, 40, 00, 8B, 0D, BC, 41, 40, 00, 89, 08, A1, D0, 31, 40, 00, 8B, 00, A3, C8, 41, 40, 00, E8, 16, 01, 00, 00, 39, 1D, B0, 40, 40, 00, 75, 0C, 68, 70, 24, 40, 00, FF, 15, CC, 31...
 
[+]

Entropy:
4.6753

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
8 KB (8,192 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
VHD TIPS

Command:
C:\Program Files\xtreaming technology inc\vhd client 2.0\traytips.exe


Scan TrayTips.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.