» us.exe
Overview
Analysis
File Details
Behaviors (1)

us.exe

UltraSentry

IDM Computer Solutions, Inc.

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘UltraSentry’.

File name:

us.exe

Publisher:

IDM Computer Solutions, Inc. (signed and verified)

Product:

UltraSentry

Version:

15.0.0.15

MD5:

81e7245663242858def78e5f9ea40541

SHA-1:

53fbd99abf197ccd9af12d55e9ae2b630fb81e39

SHA-256:

36c7af5d1eac7729b0e36f96703d57e96d84824e4876219378c2f60988669506

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/24/2024 7:30:11 AM UTC (today)

File size:

10.5 MB (10,964,152 bytes)

Product version:

15.0.0.15

Original file name:

us.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\idm computer solutions\ultrasentry\us.exe

Digital Signature

Signed by:

IDM Computer Solutions, Inc.

Authority:

GoDaddy.com, Inc.

Valid from:

4/28/2014 8:26:46 PM

Valid to:

4/28/2017 8:26:46 PM

Subject:

CN="IDM Computer Solutions, Inc.", O="IDM Computer Solutions, Inc.", L=Hamilton, S=Ohio, C=US

Issuer:

CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:

2B2E5F5FBA4B50

File PE Metadata

Compilation timestamp:

9/25/2015 6:12:37 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

196608:LEHpCBhUtk2UVL9nEZW5fRoQ4C6uO7kI17dfOhDhS:L2CBhUt3Uh9nEZkZoQ4C6uO7kYdKDk

Entry address:

0x516D4D

Entry point:

E8, 99, 6E, 01, 00, E9, 89, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 57, 56, 8B, 75, 0C, 8B, 4D, 10, 8B, 7D, 08, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, A0, 01, 00, 00, 81, F9, 80, 00, 00, 00, 72, 1C, 83, 3D, A8, 8B, DF, 00, 00, 74, 13, 57, 56, 83, E7, 0F, 83, E6, 0F, 3B, FE, 5E, 5F, 75, 05, E9, 2F, D3, 00, 00, F7, C7, 03, 00, 00, 00, 75, 14, C1, E9, 02, 83, E2, 03, 83, F9, 08, 72, 29, F3, A5, FF, 24, 95, D0, 6E, 91, 00, 8B, C7, BA, 03, 00, 00, 00, 83, E9, 04, 72, 0C, 83... 
[+]

Code size:

6.8 MB (7,121,920 bytes)

Startup File (User Run)

Registry location:

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

UltraSentry

Command:

C:\Program Files\idm computer solutions\ultrasentry\us.exe -a

Scan us.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.