home

oaui.exe

Online Armor Firewall

Tall Emu

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘@OnlineArmor GUI’.
Publisher:
Tall Emu  (signed and verified)

Product:
Online Armor Firewall

Description:
Online Armor Component

Version:
4.0.0.35

MD5:
b7431731d24a8db473f79087d953f17c

SHA-1:
0d62d1b5892f685256597e2bf270a5fef84721e6

SHA-256:
231a4c570bef11f9e2c99251ad80890e475c0c7d2da7092812252d382cfcb13d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 9:51:12 PM UTC  (today)

File size:
6.4 MB (6,658,552 bytes)

Product version:
4.0.0.35

Copyright:
Tall Emu 2004-2010

File type:
Executable application (Win32 EXE)

Language:
English

Digital Signature
Signed by:
Tall Emu

Authority:
GlobalSign nv-sa

Valid from:
2/25/2010 11:12:52 PM

Valid to:
2/26/2011 11:12:49 PM

Subject:
E=support@tallemu.com, CN=Tall Emu, O=Tall Emu, L=Sydney, S=NSW, C=AU

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
01000000000127075A2E98

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:QE7c//////Luh+UQaX85bGQxBpJ046IdwCK8rU9oKPLekoGqD0CXs82/6JTt6:JzQdFBp+46IdwCK8riok6k0s5Mt6

Entry address:
0x402884

Entry point:
55, 8B, EC, B9, 14, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, 56, 57, B8, B4, 13, 80, 00, E8, 60, 52, C0, FF, 33, C0, 55, 68, 3F, 2E, 80, 00, 64, FF, 30, 64, 89, 20, B8, 58, 2E, 80, 00, E8, F8, 9B, CF, FF, 84, C0, 74, 0A, 68, D0, 07, 00, 00, E8, 32, 5D, C0, FF, E8, D5, E8, CE, FF, E8, CC, DF, CE, FF, E8, 33, 78, D6, FF, 33, C0, 55, 68, EC, 2D, 80, 00, 64, FF, 30, 64, 89, 20, 6A, 00, 68, 00, 01, 00, 00, E8, C9, 5C, C0, FF, 68, 00, 00, 80, 00, 68, 00, 00, 40, 00, E8, 1A, 59, C0, FF, 50, E8, BC, 5C, C0, FF...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
4 MB (4,202,496 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
@OnlineArmor GUI

Command:
"C:\$avg\online armor\oaui.exe"


Scan oaui.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.