dd.exe

IP Labs GmbH

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Device Detection’.
Publisher:
IP Labs GmbH  (signed and verified)

Version:
1.14.2.0

MD5:
13ee24288a4802a2353ff10d3fc5584f

SHA-1:
9d6bd41d73c8e68783a21b4cfa94640a6cf287b7

SHA-256:
7b384236e65187bbcaf333cf5ed4c80890723be06963295e5e29c40ad5e0ef57

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 1:30:13 PM UTC  (today)

File size:
828.3 KB (848,160 bytes)

Product version:
1.0

Copyright:
Copyright (C) 2016 by ip.labs GmbH

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\zooma\dd.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
12/21/2015 2:00:00 AM

Valid to:
6/17/2016 2:59:59 AM

Subject:
CN=IP Labs GmbH, OU=APPLICATION DEVELOPMENT, O=IP Labs GmbH, L=Bonn, S=Nordrhein-Westfalen, C=DE

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
65ECE2C83A1BF44C1DBACCD6CAAE4A6E

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:0KdeVr73+wtnwDD9G6dDhsrxTu/lNyYMG/UTBHEJ/hUB4EEzD:Tdg/+wtnAG6dD6Tu/n9McupElhUyD

Entry address:
0xA7FF8

Entry point:
55, 8B, EC, 83, C4, F0, B8, B8, 68, 4A, 00, E8, 70, F1, F5, FF, E8, 17, DE, FF, FF, E8, B2, C9, F5, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.6178

Developed / compiled with:
Microsoft Visual C++

Code size:
668.5 KB (684,544 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Device Detection

Command:
C:\Program Files\zooma\dd.exe


Scan dd.exe - Powered by Reason Core Security