home

ddnsclient.exe

Enterprise DDNS Client

Dynamic DNS Services http://www.dyndnsservices.com

It runs as a separate (within the context of its own process) windows Service named “DDNS Enterprise Client”.
Publisher:
Dynamic DNS Services http://www.dyndnsservices.com

Product:
Enterprise DDNS Client

Description:
DDNS Enterprise Windows Service.

Version:
2.0.0.0

MD5:
e4d804dc7f1e6f6517f584a2e0e59bda

SHA-1:
b21c5127f03c994ad27c34aee8d951826c3dfb3e

SHA-256:
79ec526e24216fd755d54cba2d6f10da0722639aa341fbdb7faf6546529824e0

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
1/2/2025 5:26:11 PM UTC  (today)

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
Gen:Variant.Zusy.16172
8.14.03.13.03

File size:
52 KB (53,248 bytes)

Product version:
2.0.0.0

Copyright:
Copyright © 2009

Original file name:
ddnsclient.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\enterprise ddns client\ddnsclient.exe

File PE Metadata
Compilation timestamp:
7/24/2010 12:22:42 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:LzJxTblAA5h+1yyQVls48+GxjgaRIEZ1E7CiIerqRQrF9CnAao:3Jxfh/+ZQL19EZ1EZvraQr

Entry address:
0x763E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
4.2707

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
24 KB (24,576 bytes)

Service
Display name:
DDNS Enterprise Client

Description:
Update compent for the DDNS Enterprise Client.

Type:
Win32OwnProcess


The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to nightowldvr.com  (96.31.84.240:80)

Scan ddnsclient.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.