home

CertificateLoader.exe

Sony FeliCa PKI Option IV

Sony Corporation

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Felica PkiOption Certificate loader’.
Publisher:
Sony Corporation  (signed and verified)

Product:
Sony FeliCa PKI Option IV

Description:
CertificateLoader

Version:
4.0.0.0

MD5:
237790271e67ad0df41fc1c5ccccd3c3

SHA-1:
d4e272f16f755ba095830402a0b4cc6c70387457

SHA-256:
00e16f86f934e64af147cca5487fc2d802336575702bb86697f6ba955d00c94b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/28/2024 5:41:55 AM UTC  (today)

File size:
301.9 KB (309,096 bytes)

Product version:
4.0.0.0

Copyright:
Copyright (c) 2007,2010 Sony Corporation. All rights reserved.

Original file name:
CertificateLoader.exe

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\sony\sony felica pki option\certificateloader.exe

Digital Signature
Signed by:
Sony Corporation

Authority:
VeriSign, Inc.

Valid from:
6/22/2010 8:00:00 AM

Valid to:
6/23/2011 7:59:59 AM

Subject:
CN=Sony Corporation, OU=FeliCa Business Division, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Sony Corporation, L=Shinagawa-ku, S=Tokyo, C=JP

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0A55E35409222FE482ABB5B2954F4043

File PE Metadata
Compilation timestamp:
8/16/2010 8:28:20 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:gO5DNaJMJVZqeDgHaydYJ0dM6UO3DcYgjzoh9TVX1RAIl:H5D8JM/5gH9zdM6UgcohBzl

Entry address:
0x17168

Entry point:
48, 83, EC, 28, E8, 2F, 5D, 00, 00, 48, 83, C4, 28, E9, 1A, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 8B, C1, 48, F7, D9, 48, A9, 07, 00, 00, 00, 74, 0F, 66, 90, 8A, 10, 48, FF, C0, 84, D2, 74, 5F, A8, 07, 75, F3, 49, B8, FF, FE, FE, FE, FE, FE, FE, 7E, 49, BB, 00, 01, 01, 01, 01, 01, 01, 81, 48, 8B, 10, 4D, 8B, C8, 48, 83, C0, 08, 4C, 03, CA, 48, F7, D2, 49, 33, D1, 49, 23, D3, 74, E8, 48, 8B, 50, F8, 84, D2, 74, 51, 84, F6, 74, 47, 48, C1, EA...
 
[+]

Entropy:
6.3148

Code size:
154 KB (157,696 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Felica PkiOption Certificate loader

Command:
"C:\Program Files\sony\sony felica pki option\certificateloader.exe"


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.