home

ALPass.exe

ALPass

ESTsoft Corp.

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘ALPass’.
Publisher:
ESTsoft Corp.  (signed and verified)

Product:
ALPass

Version:
3, 5, 32, 6505

MD5:
98184e6832dab875a7b8109ecdb101ed

SHA-1:
f4ba1b4f262e0817aa6e6404c710581e6fcf2fce

SHA-256:
057adb96e318f110f057561b59da9b9c8a3e763bafc16e2bf6742bb7d19f98ad

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/13/2025 11:47:48 AM UTC  (today)

File size:
2 MB (2,060,984 bytes)

Product version:
3, 5, 32, 6505

Copyright:
Copyright (c) 2001-2008 ESTsoft corp.

Original file name:
ALPass.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
ESTsoft Corp.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
11/10/2006 5:23:47 PM

Valid to:
11/30/2008 2:31:43 PM

Subject:
CN=ESTsoft Corp., OU=Development Department, O=ESTsoft Corp., L=SEOUL, S=GYEONGGI-DO, C=KR

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
211670CBFB606D88A36BC9831D019ABD

File PE Metadata
Compilation timestamp:
5/19/2008 3:19:58 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

Entry address:
0x8DE49

Entry point:
E8, 2A, 06, 00, 00, E9, D9, FC, FF, FF, CC, 68, CE, D7, 48, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, E0, 29, 56, 00, 31, 45, FC, 33, C5, 89, 45, E4, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, E4, 33, CD, E8, 64, F7, FF, FF, E9, 62, 02, 00, 00, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, E0, 29, 56, 00, 33, C5...
 
[+]

Entropy:
6.3532

Code size:
1.1 MB (1,171,456 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ALPass

Command:
C:\noinstall program\alpass\alpass.exe \minimized


Scan ALPass.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.