home

client.exe

Brave Software, Inc.

It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in.
Publisher:
Brave Software, Inc.  (signed and verified)

Version:
0.0.0.0

MD5:
f04cc9f990f7024a8d48954c7a4a3533

SHA-1:
0966a18e6e9ee7b6ab3f6458a93fd9ccfa2cd3f3

SHA-256:
498b2539f1f1d366617c2b34d2331b2b0ffbfcf58fea0059413b11d2ddfcfa8c

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/27/2024 5:47:09 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
MSIL/GenKryptik.XEU trojan
6.3.12010.0

File size:
1.4 MB (1,468,928 bytes)

Product version:
0.0.0.0

Original file name:
agu.scr

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\ProgramData\client\client.exe

Digital Signature
Signed by:
Brave Software, Inc.

Authority:
DigiCert Inc

Valid from:
1/5/2016 3:00:00 AM

Valid to:
3/9/2018 3:00:00 PM

Subject:
CN="Brave Software, Inc.", O="Brave Software, Inc.", L=San Francisco, S=California, C=US

Issuer:
CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0F78BBA99E61B1A4B1FE0BE677D693E7

File PE Metadata
Compilation timestamp:
3/9/2017 10:08:07 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

Entry address:
0x122CCE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.8864

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.1 MB (1,183,232 bytes)

Scheduled Task
Task name:
Client Monitor

Trigger:
Logon (Runs on logon)


Scan client.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.