HeimdalLauncher.exe

Agent.Launcher

CSIS Security Group A/S

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Agent.Launcher’.
Publisher:
CSIS Security Group A/S  (signed and verified)

Product:
Agent.Launcher

Version:
1.0.0.0

MD5:
7e7dc432dc2d95e0fbd009cd096f2b1d

SHA-1:
a2a6a8fcd853d8e7918a77a5784dff5d4f24e11f

SHA-256:
a8429ee72f9d073a2dea84d28a6acfd077a171b35ea80ef20d0b99bdfe6536fb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 3:35:40 PM UTC  (today)

File size:
44.7 KB (45,760 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2010

Original file name:
HeimdalLauncher.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
6/9/2009 2:00:00 AM

Valid to:
6/10/2011 1:59:59 AM

Subject:
CN=CSIS Security Group A/S, OU=Secure Application Development, O=CSIS Security Group A/S, L=COPENHAGEN, S=NO, C=DK

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
702C4294A0B08A3D70856205E7FF1C42

File PE Metadata
Compilation timestamp:
10/21/2010 5:20:19 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:V/dAA6xlxOR3WxiEb+VKf+6L2qvwJzlEsMzIPVmdRJY/P0xoxUMd+MgSHAuIfetA:lubDxiEb+VKnmpVIIW9V4fKnQyYLB

Entry address:
0xA5C0

Entry point:
FF, 25, B0, A5, 40, 00, 00, 00, 5F, 43, 6F, 72, 45, 78, 65, 4D, 61, 69, 6E, 00, 6D, 73, 63, 6F, 72, 65, 65, 2E, 64, 6C, 6C, 00, B4, 00, 00, 00, CE, CA, EF, BE, 01, 00, 00, 00, 91, 00, 00, 00, 6C, 53, 79, 73, 74, 65, 6D, 2E, 52, 65, 73, 6F, 75, 72, 63, 65, 73, 2E, 52, 65, 73, 6F, 75, 72, 63, 65, 52, 65, 61, 64, 65, 72, 2C, 20, 6D, 73, 63, 6F, 72, 6C, 69, 62, 2C, 20, 56, 65, 72, 73, 69, 6F, 6E, 3D, 32, 2E, 30, 2E, 30, 2E, 30, 2C, 20, 43, 75, 6C, 74, 75, 72, 65, 3D, 6E, 65, 75, 74, 72, 61, 6C, 2C, 20, 50, 75...
 
[+]

Code size:
7.5 KB (7,680 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Agent.Launcher

Command:
C:\programmer\csis\heimdal agent\client\heimdallauncher.exe


Scan HeimdalLauncher.exe - Powered by Reason Core Security