home

AntiLogger.exe

Zemana AntiLogger

Zemana Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘AntiLogger’.
Publisher:
Zemana Ltd.  (signed and verified)

Product:
Zemana AntiLogger

Description:
Zemana AntiLogger User Interface

Version:
1.9.2.206

MD5:
3654df63365204b408d21ec67a89dbec

SHA-1:
97f0a5f108a69969c4633f162584108a17a5b725

SHA-256:
7f8839d647812150047ee975ecffe0cbf330101136489d61cc7521e23a8faa30

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/2/2024 3:23:55 PM UTC  (today)

File size:
2.3 MB (2,390,888 bytes)

Product version:
1.9.2.0

Copyright:
© Zemana Ltd. All rights reserved.

Trademarks:
AntiLogger(tm) is a trademark of Zemana Ltd.

Original file name:
AntiLogger.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\antilogger\antilogger.exe

Digital Signature
Signed by:
Zemana Ltd.

Authority:
VeriSign, Inc.

Valid from:
12/15/2009 1:00:00 AM

Valid to:
12/16/2010 12:59:59 AM

Subject:
CN=Zemana Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Zemana Ltd., L=Sofia, S=Lozenetz, C=BG

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
009328EAED0B63EC18CF9EF6A8623B40

File PE Metadata
Compilation timestamp:
6/8/2010 9:19:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
49152:u08sVRzQDTQyEgg6q64VDfZ0Sh2vctnu0wepQiqAG:j8GknfS6kJfjhfAkPqD

Entry address:
0x1000

Entry point:
68, 01, 70, B0, 00, E8, 01, 00, 00, 00, C3, C3, 46, 20, 4E, E3, 50, 8F, 87, 6F, D6, F0, 65, C2, E1, F4, 3B, 00, E8, CE, 38, 9D, A0, 02, 3C, EA, 8C, F9, AA, C1, F3, 62, B4, 4C, DB, 12, C2, 0D, A8, 1B, 2C, 15, E8, 90, 2F, 94, 0C, BF, AB, EE, 03, 1B, 7B, F8, 34, 13, D7, 52, 2B, 4A, 72, DF, DC, 7A, 15, 86, 89, 8C, EC, 59, F9, F1, 9C, 30, 5D, B6, 0C, 2A, 22, DA, EA, EF, 23, 96, C9, 0B, 76, 40, 94, D8, 50, FE, 49, 4B, 04, C8, 60, E0, E9, 16, AE, CB, 6F, A9, 88, C1, 32, B7, 06, 69, 46, E1, B6, 38, 58, 39, A1, 7B...
 
[+]

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
1.9 MB (1,970,176 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
AntiLogger

Command:
"C:\Program Files\antilogger\antilogger.exe" \minimized


Scan AntiLogger.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.