» {29d6021d-55b8-4434-a9fb-563b519bbf36}.exe
Overview
Analysis
File Details

{29d6021d-55b8-4434-a9fb-563b519bbf36}.exe

Solucoes e Suporte Informatica SC LTDA

The executable {29d6021d-55b8-4434-a9fb-563b519bbf36}.exe has been detected as malware by 1 anti-virus scanner.

File name:

Publisher:

Solucoes e Suporte Informatica SC LTDA (signed and verified)

MD5:

efa8fdf865d59f7b049e45e2e0f1bd6f

SHA-1:

2a92e34c2f43ec092ec1f3277c2b15b27f156834

SHA-256:

21e5f3b7109810015c268599053e661145797c737a65793002d432c472f5cecd

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

12/29/2024 2:36:44 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP (M)

17.1.10.6

File size:

34.7 KB (35,552 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\ProgramData\hcyrpars\{29d6021d-55b8-4434-a9fb-563b519bbf36}.exe

Digital Signature

Signed by:

Solucoes e Suporte Informatica SC LTDA

Authority:

TrustSign Certificadora Digital

Valid from:

4/1/2014 9:00:00 PM

Valid to:

4/2/2015 8:59:59 PM

Subject:

CN=Solucoes e Suporte Informatica SC LTDA, O=Solucoes e Suporte Informatica SC LTDA, STREET=Trav. Xaxado 123, L=São Paulo, S=SP, PostalCode=02273-130, C=BR

Issuer:

CN=TrustSign BR Certification Authority (Code Signing), OU=Security Dept., O=TrustSign Certificadora Digital, C=BR

Serial number:

21B0868DD431FC122697F94B12823B82

File PE Metadata

Compilation timestamp:

4/24/2014 10:16:32 AM

OS version:

4.0

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

2.23

Entry address:

0x14B0

Entry point:

48, 83, EC, 28, C7, 05, 92, 95, 00, 00, 01, 00, 00, 00, E8, 6D, 2A, 00, 00, E8, B8, FC, FF, FF, 90, 90, 48, 83, C4, 28, C3, 90, 48, 83, EC, 28, C7, 05, 72, 95, 00, 00, 00, 00, 00, 00, E8, 4D, 2A, 00, 00, E8, 98, FC, FF, FF, 90, 90, 48, 83, C4, 28, C3, 90, 56, 53, 8B, 1A, 33, 19, 8B, 42, 04, 33, 41, 04, 89, DA, 41, 89, D9, 0F, B6, F7, C1, EA, 10, 41, C1, E9, 18, 4D, 63, C9, 0F, B6, D2, 8B, 94, 91, 48, 04, 00, 00, 42, 03, 54, 89, 48, 44, 0F, B6, CB, 33, 94, B1, 48, 08, 00, 00, 33, 59, 08, 42, 03, 94, 89, 48... 
[+]

Code size:

15 KB (15,360 bytes)

Remove {29d6021d-55b8-4434-a9fb-563b519bbf36}.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.