home

vdeck.exe

HDAudioCPL

VIA

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘HDAudDeck’.
Publisher:
VIA

Product:
HDAudioCPL

Description:
VIA HD Audio CPL

Version:
7.6.00.30

MD5:
5b423ac957cef8d1aeb6954d492294d8

SHA-1:
0db325003986e7d14d50ea807bcab4698c0e0014

SHA-256:
98b13b3c06ea62ccf8d0f90e39470b08545a813f82ee309e45bd7f9c2db20ada

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 11:58:31 PM UTC  (a few moments ago)

File size:
2.6 MB (2,763,776 bytes)

Product version:
7.6.00.30

Copyright:
(c) <VIA>. All rights reserved.

Original file name:
HDAudioCPL.exe

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\via\viaudioi\vdeck\vdeck.exe

File PE Metadata
Compilation timestamp:
10/28/2009 10:29:19 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:tx3oSyY/gchH3cFUOK+MyAWz5KbLhfvclJoKZHhm9jL:6e3sYyAWz0hfvcgKZBm9jL

Entry address:
0x37E60

Entry point:
48, 83, EC, 28, E8, E7, 74, 00, 00, 48, 83, C4, 28, E9, 0E, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 30, 4D, 85, C9, 49, 8B, D9, 49, 8B, F0, 48, 8B, FA, 74, 52, 48, 85, C9, 75, 38, E8, 49, 3A, 00, 00, 45, 33, C9, 45, 33, C0, 33, D2, 33, C9, 48, C7, 44, 24, 20, 00, 00, 00, 00, C7, 00, 16, 00, 00, 00, E8, 3B, 19, 00, 00, B8, 16, 00, 00, 00, 48, 8B, 5C, 24, 40, 48, 8B, 74, 24, 48, 48, 83, C4, 30, 5F, C3, 4D, 85, C0, 74, 22, 48...
 
[+]

Entropy:
5.4283

Code size:
1.5 MB (1,588,736 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
HDAudDeck

Command:
C:\Program Files\via\viaudioi\vdeck\vdeck.exe -r


Scan vdeck.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.