home

attendcommunicator.exe

Lenvica Computer Solutions Pvt Ltd

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Attend Communicator’.
Publisher:
Lenvica Computer Solutions Pvt Ltd  (signed and verified)

MD5:
9d9ac8ac0fed487c6a1aad3e18bbcd91

SHA-1:
c421342c1f51e22558f2d5fabe9b7f4d0ad099ef

SHA-256:
cbe72e64a0cc21a3adde860cf1dc8ba1219726368bc1bd974e6c62b285adc476

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/14/2024 2:38:51 AM UTC  (today)

File size:
2 MB (2,119,344 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\attend hrm\bin\attendcommunicator.exe

Digital Signature
Signed by:
Lenvica Computer Solutions Pvt Ltd

Authority:
COMODO CA Limited

Valid from:
1/15/2014 5:30:00 AM

Valid to:
1/15/2017 5:29:59 AM

Subject:
CN=Lenvica Computer Solutions Pvt Ltd, O=Lenvica Computer Solutions Pvt Ltd, STREET="#10, Novel Business Center", STREET=BTM 1st Stage, L=Bangalore, S=Karnataka, PostalCode=560068, C=IN

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D082AA9AF6C30354CC52B532AFEA908E

File PE Metadata
Compilation timestamp:
6/20/1992 3:52:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x1B6AA4

Entry point:
55, 8B, EC, 83, C4, EC, 33, C0, 89, 45, EC, B8, 9C, 60, 5B, 00, E8, 53, 0A, E5, FF, 33, C0, 55, 68, 90, 6B, 5B, 00, 64, FF, 30, 64, 89, 20, 8B, 0D, 48, 20, 5C, 00, 8B, 09, 8D, 45, EC, BA, A4, 6B, 5B, 00, E8, E0, E3, E4, FF, 8B, 45, EC, E8, 84, E5, E4, FF, 50, 6A, FF, 6A, 00, E8, 42, 0C, E5, FF, A3, 90, 7B, 5C, 00, 33, C0, 55, 68, 73, 6B, 5B, 00, 64, FF, 30, 64, 89, 20, 83, 3D, 90, 7B, 5C, 00, 00, 74, 47, E8, 71, 0D, E5, FF, 3D, B7, 00, 00, 00, 74, 3B, A1, E0, 28, 5C, 00, 8B, 00, E8, 32, 1F, EB, FF, A1, E0...
 
[+]

Entropy:
6.6629

Developed / compiled with:
Microsoft Visual C++

Code size:
1.7 MB (1,793,024 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Attend Communicator

Command:
C:\Program Files\attend hrm\bin\attendcommunicator.exe


Scan attendcommunicator.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.