home

zentimo.exe

Zentimo

Crystal Rich Ltd

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Zentimo xStorage Manager’.
Publisher:
Crystal Rich Ltd  (signed and verified)

Product:
Zentimo

Description:
Zentimo - An External Drive Manager

Version:
1.8.1.1225

MD5:
adfb1543eb79028cdf05d54fc929f13c

SHA-1:
585d02c717340c5aa3e62b061339421f39c04187

SHA-256:
1b9a1d4f0edcdc67328acdfed4e42568742001d68f889cb7983328260943747b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 7:30:35 AM UTC  (today)

File size:
2.5 MB (2,594,104 bytes)

Product version:
1.8.1.1225

Copyright:
Copyright © 2013 by Crystal Rich Ltd

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\zentimo\zentimo.exe

Digital Signature
Signed by:
Crystal Rich Ltd

Authority:
VeriSign, Inc.

Valid from:
12/16/2012 4:00:00 AM

Valid to:
1/16/2014 3:59:59 AM

Subject:
CN=Crystal Rich Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Crystal Rich Ltd, L=Saint Petersburg, S=Saint Petersburg, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1A3971F7D5A04EBA878183D0A57E1EC1

File PE Metadata
Compilation timestamp:
1/21/2013 11:50:50 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:3gNZ/5IR5I4CaX7mk63meKk175jM9piitsLFtxTR+Y1L:IZ/5m5HLm9QkGsLFtxd1L

Entry address:
0x1000

Entry point:
68, 01, C0, A3, 00, E8, 01, 00, 00, 00, C3, C3, EC, 8A, B2, AD, 81, A0, F9, BE, 0D, 08, 65, 5B, 04, 5D, E3, 3D, 99, CE, 10, F7, FC, 6B, 1D, 65, 48, C1, BA, C2, 2E, 31, 97, 1C, CF, 77, CF, FA, BB, 83, 23, 53, 3C, B1, 7B, BE, FD, AA, 99, 54, 98, 79, 7F, 17, 15, BE, E7, 91, 7D, 8B, 52, F6, 55, 3C, 83, BB, D5, B4, 36, 76, 3A, 00, 13, E7, 81, 15, AD, 14, 5F, A2, EC, 89, 55, 9F, A9, CB, CF, BB, 56, 3D, B6, 1E, F0, DE, 14, 13, C2, A0, A3, 73, 22, 49, B5, 5F, 63, D2, AB, E4, AB, 48, 34, DA, 5D, 03, 53, C5, 86, 18...
 
[+]

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
4.2 MB (4,358,656 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Zentimo xStorage Manager

Command:
C:\Program Files\zentimo\zentimo.exe \startup


Scan zentimo.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.