home

Bezeq.bclient.exe

Bezeq.bclient

Paralert Ltd

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘bcontrol’.
Publisher:
Paralert Ltd  (signed and verified)

Product:
Bezeq.bclient

Version:
1.0.0.0

MD5:
d31149a756dcf2932a14177bf3cae064

SHA-1:
3afc037d44ff684cd2ba82ac4c22f991f5e4beb6

SHA-256:
d96f8dc6654545ec5b8633b338c0fbc88531f1aaa63802ef227f538a7069c635

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/28/2024 1:34:03 AM UTC  (today)

File size:
48.4 KB (49,600 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2015

Original file name:
Bezeq.bclient.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\bcontrol\bezeq.bclient.exe

Digital Signature
Signed by:
Paralert Ltd

Authority:
COMODO CA Limited

Valid from:
11/27/2015 2:00:00 AM

Valid to:
11/27/2016 1:59:59 AM

Subject:
CN=Paralert Ltd, O=Paralert Ltd, STREET=4 Sitakov Isasscar, L=ramat gan, S=Rehovot, PostalCode=7629406, C=IL

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
28E5C66D26E600792CDEC4714B5687EE

File PE Metadata
Compilation timestamp:
8/12/2016 10:29:36 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
48.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:8meiUezDxkAPKiUB+M6Pz4XJXauET14VxDjUjjOAD9DOv7DJietiU:QFwFeBh6P8hX21kEPvD9Dg7DJietiU

Entry address:
0xC982

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 33, 00, 00, 00, 66, 00, 00, 00, 99, 00, 00, 00, CC, 00, 00, 00, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.0772

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
42.5 KB (43,520 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
bcontrol

Command:
"C:\Program Files\bcontrol\bezeq.bclient.exe"


Scan Bezeq.bclient.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.