» xcloudclient.exe
Overview
Analysis
File Details
Behaviors (1)

xcloudclient.exe

Diting Tech. Ltd.

It runs as a separate (within the context of its own process) windows Service named “xCloud”.

File name:

xcloudclient.exe

Publisher:

Diting Tech. Ltd. (signed and verified)

MD5:

239a46b8139f4b267f12b0ea5774eb8b

SHA-1:

af187d44b17c1f84545edc2c63578fdf04a494c7

SHA-256:

423de311cd9e57879a9f7d7ec285848eb4d6f6a7ca57808f9e6322b5dd35664e

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 11:48:13 PM UTC (a few moments ago)

File size:

1.1 MB (1,144,856 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\xcloud\bin\xcloudclient.exe

Digital Signature

Signed by:

Diting Tech. Ltd.

Authority:

COMODO CA Limited

Valid from:

8/15/2012 8:00:00 PM

Valid to:

8/16/2013 7:59:59 PM

Subject:

CN=Diting Tech. Ltd., O=Diting Tech. Ltd., STREET="D6-B1, Software Park", L=Chengdu, S=Sichuan, PostalCode=610041, C=CN

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00FE68F785065FDFFB6AF632B3C5144FB8

File PE Metadata

Compilation timestamp:

2/5/2013 2:35:07 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

10.0

CTPH (ssdeep):

24576:6BeSrMz8qCCOrh3DXDkes7U8PQzVO9b89st645jp:6BemDq6dQs8N9b896669

Entry address:

0xE0C00

Entry point:

E8, F4, 08, 00, 00, E9, B3, FD, FF, FF, 6A, 14, 68, E0, 5C, 4F, 00, E8, 3A, 08, 00, 00, FF, 35, 14, DB, 50, 00, 8B, 35, 5C, 60, 4E, 00, FF, D6, 89, 45, E4, 83, F8, FF, 75, 0C, FF, 75, 08, FF, 15, 04, 63, 4E, 00, 59, EB, 64, 6A, 08, E8, 61, 09, 00, 00, 59, 83, 65, FC, 00, FF, 35, 14, DB, 50, 00, FF, D6, 89, 45, E4, FF, 35, 10, DB, 50, 00, FF, D6, 89, 45, E0, 8D, 45, E0, 50, 8D, 45, E4, 50, FF, 75, 08, 8B, 35, 60, 60, 4E, 00, FF, D6, 50, E8, 27, 09, 00, 00, 83, C4, 0C, 89, 45, DC, FF, 75, E4, FF, D6, A3, 14... 
[+]

Entropy:

6.7724

Code size:

916 KB (937,984 bytes)

Service

Display name:

xCloud

Description:

Provides xCloud data transmitting supports.

Type:

Win32OwnProcess

Scan xcloudclient.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.