home

bmdnetclient.exe

BMD Systemhaus GmbH

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘BMDNetClient_EFEF-SRV’.
Publisher:
BMD Systemhaus GmbH  (signed and verified)

Version:
2011.14.6.26

MD5:
0b39625d8a78c8728f1b2e857ae9bcfc

SHA-1:
e80e9750f754e94f518417a0a6737dbfff752a51

SHA-256:
3c8413207ab9f555058652af87b23e8088d1b06c4bd16dccd88d0e2bcaa27025

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/8/2024 3:36:56 AM UTC  (today)

File size:
28.1 MB (29,457,616 bytes)

Product version:
2011.14.6.26

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

Common path:
C:\Documents and Settings\{user}\Application data\bmdntcs\bmdntcsclients\efef-srv\bmdnetclient.exe

Digital Signature
Signed by:
BMD Systemhaus GmbH

Authority:
VeriSign, Inc.

Valid from:
1/12/2011 1:00:00 AM

Valid to:
1/13/2012 12:59:59 AM

Subject:
CN=BMD Systemhaus GmbH, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=BMD Systemhaus GmbH, L=Steyr, S=Upper Austria, C=AT

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
42492FBB8B63F0A28B0D7F371DD476F8

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:hxm5hhpO7l9X+1suVuIjjrrI4uqJMAp7CITHIA0UPpB7yjaz8UfypmmBlDsEeg0Z:KO7l9X+1suVXuf9gHc6N5L3

Entry address:
0x182B1AC

Entry point:
55, 8B, EC, 83, C4, F0, B8, 0C, 6E, C1, 01, E8, 78, DA, 7D, FE, A1, CC, C7, D1, 01, 8B, 00, E8, A8, 55, 8D, FE, 8B, 0D, 04, C3, D1, 01, A1, CC, C7, D1, 01, 8B, 00, 8B, 15, 9C, 0A, C0, 01, E8, B0, 55, 8D, FE, A1, CC, C7, D1, 01, 8B, 00, E8, 38, 56, 8D, FE, E8, C3, AC, 7D, FE, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 32, 13, 8B, C0, 00, 8D, 40, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
24.2 MB (25,338,368 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
BMDNetClient_EFEF-SRV

Command:
"C:\Documents and Settings\{user}\Application data\bmdntcs\bmdntcsclients\efef-srv\bmdnetclient.exe" \update


Scan bmdnetclient.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.