home

vidontray2.exe

VidOn Server

VidOn.me Inc.

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘VidOnTray’.
Publisher:
VidOn.me Inc.  (signed and verified)

Product:
VidOn Server

Description:
VidOnTray

Version:
Beta

MD5:
9ea5938ffa8c825f52a049e8e032ed7d

SHA-1:
dbacd04add97a9ae752416846cd61344bbc5ef56

SHA-256:
1745d6192df2e0198dbf1026825aaba81dd41b4ff709f933e7f9adc6c3c10910

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
8/2/2025 5:17:18 AM UTC  (today)

File size:
4.1 MB (4,272,328 bytes)

Product version:
Beta

Copyright:
Copyright (c) VidOn.me. All rights reserved.

Original file name:
VidOnTray

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\vidon server 2\vidontray2.exe

Digital Signature
Signed by:
VidOn.me Inc.

Authority:
GlobalSign nv-sa

Valid from:
12/30/2015 12:39:51 PM

Valid to:
7/25/2016 6:25:18 PM

Subject:
E=info@vidon.me, CN=VidOn.me Inc., O=VidOn.me Inc., L=Beijing, S=Beijing, C=CN

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11219EB6F00A949538ED4965396CAF6E3431

File PE Metadata
Compilation timestamp:
7/8/2016 10:03:00 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:LyPPYBJzetwocqeCnfGHj3pnCzB7Ku0GaXOdelHpBAUZLYSkWrcV8O6EW:qPYHze6bq1eHhIsJBAUZLb

Entry address:
0x10C232

Entry point:
E8, ED, 0A, 00, 00, E9, 6B, FD, FF, FF, 3B, 0D, 30, 1A, 66, 00, 75, 02, F3, C3, E9, 74, 0B, 00, 00, CC, FF, 25, C4, B4, 52, 00, FF, 25, B8, B4, 52, 00, FF, 25, B4, B4, 52, 00, FF, 25, B0, B4, 52, 00, FF, 25, AC, B4, 52, 00, 8B, FF, 55, 8B, EC, F6, 45, 08, 02, 57, 8B, F9, 74, 25, 56, 68, 06, CF, 50, 00, 8D, 77, FC, FF, 36, 6A, 0C, 57, E8, 59, 01, 00, 00, F6, 45, 08, 01, 74, 07, 56, E8, CD, FF, FF, FF, 59, 8B, C6, 5E, EB, 14, E8, 64, 0C, 00, 00, F6, 45, 08, 01, 74, 07, 57, E8, B6, FF, FF, FF, 59, 8B, C7, 5F...
 
[+]

Entropy:
6.3382

Code size:
1.2 MB (1,220,096 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
VidOnTray

Command:
"C:\Program Files\vidon server 2\vidontray2.exe" \autorun


Scan vidontray2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.