home

Config365.exe

Config365

Kaseya Development, LLC

Publisher:
MessageOps LLC  (signed by Kaseya Development, LLC)

Product:
Config365

Version:
1.0.0.0

MD5:
b26aca76bf01b0e87bb98084b336ab7f

SHA-1:
4d94e2f7c72b52d8263a69f889c724b5e0da154c

SHA-256:
c61e2e257c6bc1cbd3e0d1e7256b3cf9fb5275a8171b5628c5caf685d0b0c307

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/6/2024 4:44:41 AM UTC  (today)

File size:
99.3 KB (101,656 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © MessageOps LLC 2011

Original file name:
Config365.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\config365.exe

Digital Signature
Signed by:
Kaseya Development, LLC

Authority:
GlobalSign nv-sa

Valid from:
2/20/2013 1:11:44 PM

Valid to:
5/20/2016 2:11:44 PM

Subject:
CN="Kaseya Development, LLC", O="Kaseya Development, LLC", S=CA, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11217775DE310887760FCF6C9CF0296D8200

File PE Metadata
Compilation timestamp:
2/27/2015 3:21:02 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:1P6Z4DGAIPWbCrmRyDuRjAzUnCUPGAIwC:1P6eDGU+duRAz4RPGh

Entry address:
0x126DE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.6736

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
66 KB (67,584 bytes)

The file Config365.exe has been seen being distributed by the following 4 URLs.

http://portal.drivenbrands.com/config365.exe

http://www.messageops.com/.../Config365.exe

https://help.lincloan.com/.../Config365.exe

http://messageops.com/.../Config365.exe

Scan Config365.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.