» gerenciadorlocal.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (2)

gerenciadorlocal.exe

Gerenciador Local

Positivo Informática SA

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Deskmedia’. This is installed with multiple programs including Canal de Ofertas and Canal Positivo.

File name:

Publisher:

Positivo Informática (signed by Positivo Informática SA)

Product:

Gerenciador Local

Version:

1.0.0.80

MD5:

b22e6ce38273696e77b7d88365c7d075

SHA-1:

a79d7b4ccfd132e6db768844662ced209039d5a0

SHA-256:

c32d01cda84300e163e774f43f300c3654febd8839665ed750e83d80caf1c988

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

12/29/2024 9:03:53 AM UTC (today)

File size:

1.3 MB (1,347,488 bytes)

Product version:

1.0.0.80

Original file name:

Gerencia.exe

File type:

Executable application (Win64 EXE)

Language:

Brazilian Portuguese

Digital Signature

Signed by:

Positivo Informática SA

Authority:

Symantec Corporation

Valid from:

3/4/2016 9:00:00 PM

Valid to:

4/4/2017 8:59:59 PM

Subject:

CN=Positivo Informática SA, O=Positivo Informática SA, L=Curitiba, S=Paraná, C=BR

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

4FE5A3619D0C5175FDAF0C6A254B1BA8

File PE Metadata

Compilation timestamp:

3/9/2016 12:43:07 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

10.0

Entry address:

0xF3B44

Entry point:

48, 83, EC, 28, E8, 67, 04, 00, 00, 48, 83, C4, 28, E9, 9E, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 3B, 0D, B9, 64, 04, 00, 75, 11, 48, C1, C1, 10, 66, F7, C1, FF, FF, 75, 02, F3, C3, 48, C1, C9, 10, E9, D9, 04, 00, 00, CC, FF, 25, 0A, DD, 00, 00, CC, CC, 48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 8B, F2, 48, 8B, D9, F6, C2, 02, 74, 2A, 44, 8B, 41, F8, 4C, 8D, 0D, 14, 06, 00, 00, BA, 18, 00, 00, 00, E8, 56, 01... 
[+]

Code size:

1023.5 KB (1,048,064 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

Deskmedia

Command:

"C:\positivo\deskmedia\gerenciadorlocal.exe"

The file gerenciadorlocal.exe has been discovered within the following programs.

Canal de Ofertas by Positivo Informática S.A.

www.mundopositivo.com.br

About 9% of users remove it

Canal Positivo by Positivo Informática S.A.

About 3% of users remove it

Scan gerenciadorlocal.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.