cfosspeed.exe

cFosSpeed Window

cFos Software GmbH

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘cFosSpeed’.
Publisher:
cFos Software GmbH  (signed and verified)

Product:
cFosSpeed Window

Version:
10.14.2274

MD5:
1f26038becf646623628ec7d38d161c7

SHA-1:
038c0e904946741e066e89cc375d138bda9d2fdf

SHA-256:
141699f1926ce9af616c7e210ce962a2bdf9d789571d3f0fab7f5900cb82e6e0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 5:27:59 AM UTC  (today)

File size:
1.2 MB (1,257,520 bytes)

Product version:
10.14.2274

Copyright:
Copyright © Lueders/Winkler 2003-2016

Original file name:
cfosspeed.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\cfosspeed\cfosspeed.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
2/4/2016 7:41:20 AM

Valid to:
12/11/2016 9:19:33 AM

Subject:
CN=cFos Software GmbH, O=cFos Software GmbH, L=Bonn, S=Nordrhein-Westfalen, C=DE

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11216C3DBB7BA61B1CB1344FA298CDFAD287

File PE Metadata
Compilation timestamp:
6/29/2016 1:16:56 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
24576:RRz/YHDcm2OJNpcOimikl0xz8GWFYL6i2WwY:RJmDTXPyOiuEz8GCYLdpwY

Entry address:
0xA0E90

Entry point:
E8, D6, 04, 00, 00, E9, 80, FE, FF, FF, CC, CC, CC, CC, CC, CC, 80, F9, 40, 73, 15, 80, F9, 20, 73, 06, 0F, A5, C2, D3, E0, C3, 8B, D0, 33, C0, 80, E1, 1F, D3, E2, C3, 33, C0, 33, D2, C3, CC, 80, F9, 40, 73, 15, 80, F9, 20, 73, 06, 0F, AD, D0, D3, EA, C3, 8B, C2, 33, D2, 80, E1, 1F, D3, E8, C3, 33, C0, 33, D2, C3, 3B, 0D, 64, 11, 50, 00, F2, 75, 02, F2, C3, F2, E9, 07, 06, 00, 00, FF, 25, DC, E5, 4B, 00, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 64, 11...
 
[+]

Entropy:
6.6462

Code size:
754.5 KB (772,608 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
cFosSpeed

Command:
C:\Program Files\cfosspeed\cfosspeed.exe


Scan cfosspeed.exe - Powered by Reason Core Security