» daty4.exe
Overview
Analysis
File Details
Behaviors (1)

daty4.exe

Agelong Tree Reminder

Genery Software

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Agelong Tree Reminder 4’.

File name:

daty4.exe

Publisher:

Genery Software (signed and verified)

Product:

Agelong Tree Reminder

Version:

4.0.10.12

MD5:

91ad06a784db994932b933e5b34ff359

SHA-1:

88b8063a430425ecd04ee3b4aa490c3e25ecc95f

SHA-256:

c7c29b24ac55468f2a09f43fc6acbfe158db3940f6c6d523f84b5899754726b3

Scanner detections:

1 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

1/12/2025 2:04:35 PM UTC (today)

Scan engine

Detection

Engine version

F-Secure

Adware.Agent.PJT

5.13.68

File size:

2.4 MB (2,526,024 bytes)

Product version:

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\genery software\daty 4\daty4.exe

Digital Signature

Signed by:

Genery Software

Authority:

VeriSign, Inc.

Valid from:

12/1/2010 3:00:00 AM

Valid to:

12/2/2011 2:59:59 AM

Subject:

CN=Genery Software, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Genery Software, L=Barnaul, S=Altai Krai, C=RU

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

30BF6B39E00CA2E1FA6AB908BA87F5FA

File PE Metadata

Compilation timestamp:

10/12/2011 4:51:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:CLnglRAAmFAnFI6hnDrEFDcqaJq56W//t:CLCRJmFAn6eApc5Jq8W3t

Entry address:

0x1000

Entry point:

68, 01, 80, 90, 00, E8, 01, 00, 00, 00, C3, C3, A5, 81, 3B, 53, 00, 71, 40, FD, E9, EA, 54, 7B, 5D, FE, DA, AC, B9, 8B, BA, 2D, F3, 76, 71, 50, 98, 83, 91, CB, 7B, 6E, 51, 66, 55, E6, 69, 0B, DF, 4F, 0F, C1, 4F, C6, 6B, 5C, 2F, 69, 9B, 88, 79, F3, 4F, AB, 2F, 40, D8, 16, F8, C9, 37, AD, 53, 99, F0, 89, BB, 13, 8B, 54, 37, 8B, 51, 8F, 7B, 3B, DF, 98, BA, 5A, 88, E4, 99, 53, F8, 2A, 9A, 7B, 92, 48, 2B, 12, A3, D3, 01, 1E, F4, 69, 87, C0, 7B, 20, D3, 8C, 36, 8E, 6E, F3, CD, A7, 56, 4E, AB, C1, 2F, DA, F1, C9... 
[+]

Packer / compiler:

ASProtect v1.2x (New Strain)

Code size:

3.2 MB (3,367,936 bytes)

Startup File (User Run)

Registry location:

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

Agelong Tree Reminder 4

Command:

"C:\Program Files\genery software\daty 4\daty4.exe" 1

Scan daty4.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.