» duet.exe
Overview
Analysis
File Details
Behaviors (1)

duet.exe

Duet Display

Kairos Technologies, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Duet Display’.

File name:

duet.exe

Publisher:

Duet, Inc. (signed by Kairos Technologies, Inc.)

Product:

Duet Display

Version:

1.4.5.3

MD5:

d7a33174d3ac0766579448497311c1f5

SHA-1:

38b0893d7e61c1853c33decffe62585be8b70034

SHA-256:

5cbe36b2d39b54e9aab2c9364eb876257334c8670c3217428bf139d81243f42d

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

12/28/2024 3:19:54 AM UTC (today)

File size:

1.8 MB (1,853,040 bytes)

Product version:

1.4.5.3

Original file name:

DuetDisp.exe

File type:

Executable application (Win64 EXE)

Language:

English (United States)

Common path:

C:\Program Files\kairos\duet display\duet.exe

Digital Signature

Signed by:

Kairos Technologies, Inc.

Authority:

DigiCert Inc

Valid from:

4/22/2015 6:00:00 PM

Valid to:

4/26/2018 6:00:00 AM

Subject:

CN="Kairos Technologies, Inc.", O="Kairos Technologies, Inc.", L=Miami, S=Florida, C=US, PostalCode=33131, STREET=325 S Biscayne Blvd, STREET=UPH 17, SERIALNUMBER=P15000001077, OID.1.3.6.1.4.1.311.60.2.1.2=Florida, OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.2.5.4.15=Private Organization

Issuer:

CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

09F6D17ADBD7197A188DC6E64D8998D7

File PE Metadata

Compilation timestamp:

10/27/2016 8:33:24 AM

OS version:

6.0

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

12.0

Entry address:

0x6D760

Entry point:

48, 83, EC, 28, E8, 53, 07, 00, 00, 48, 83, C4, 28, E9, 02, 00, 00, 00, CC, CC, 48, 8B, C4, 48, 89, 58, 08, 48, 89, 70, 10, 57, 48, 83, EC, 30, 48, 83, 60, F0, 00, 83, 60, E8, 00, FF, 15, 75, A2, 0D, 00, 0F, B7, F0, 65, 48, 8B, 0C, 25, 30, 00, 00, 00, 48, 8B, 51, 08, 33, DB, 33, C0, F0, 48, 0F, B1, 15, 88, 29, 0D, 00, 74, 0E, 48, 3B, C2, 75, 07, BB, 01, 00, 00, 00, EB, 02, EB, E5, 8B, 05, 86, 29, 0D, 00, 83, F8, 01, 75, 0A, 8D, 48, 1E, E8, F5, 05, 00, 00, EB, 3F, 8B, 05, 71, 29, 0D, 00, 85, C0, 75, 2B, C7... 
[+]

Entropy:

5.8923

Code size:

480.5 KB (492,032 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

Duet Display

Command:

C:\Program Files\kairos\duet display\duet.exe

Scan duet.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.