home

passgen.exe

Password Generator

Jocys.com

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Password Generator’.
Publisher:
Jocys.com  (signed and verified)

Product:
Password Generator

Description:
Jocys.com Password Generator

Version:
2.0.6.0

MD5:
4f5c2d586822d30bec9fc3ec9b39c010

SHA-1:
b79b51b65aaca136d8fda8f24fd2bf9edea7e156

SHA-256:
e646bfc063e99fce4086d9967fded6c6ae7918e1204cf2e51ef35d3f324db47b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 3:23:18 AM UTC  (today)

File size:
979.1 KB (1,002,648 bytes)

Product version:
2.0.6.0

Copyright:
Copyright © Jocys.com 2015

Original file name:
passgen.exe

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\passgen.exe

Digital Signature
Signed by:
Jocys.com

Authority:
Unizeto Technologies S.A.

Valid from:
12/5/2013 12:40:28 PM

Valid to:
12/5/2015 12:40:28 PM

Subject:
E=evaldas@jocys.com, CN=Jocys.com, OU=Jocys.com, O=Jocys.com, C=GB

Issuer:
CN=Certum Code Signing CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
1F911FD0FD9BC3D753D24E3EDE42D0D9

File PE Metadata
Compilation timestamp:
10/9/2015 1:27:39 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
48.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:Em1X9pVdi8SuaRr7Cx19F/z4KlhDC8rKpgXXjp1Q/BeOzd83dMnsi11ko+W9fey1:Ecjdi8SEllhDC8rugjLQmvGVFCLMFd

Entry address:
0xDC486

Entry point:
4D, 5A, 90, 00, 03, 00, 00, 00, 04, 00, 00, 00, FF, FF, 00, 00, B8, 00, 00, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 80, 00, 00, 00, 0E, 1F, BA, 0E, 00, B4, 09, CD, 21, B8, 01, 4C, CD, 21, 54, 68, 69, 73, 20, 70, 72, 6F, 67, 72, 61, 6D, 20, 63, 61, 6E, 6E, 6F, 74, 20, 62, 65, 20, 72, 75, 6E, 20, 69, 6E, 20, 44, 4F, 53, 20, 6D, 6F, 64, 65, 2E, 0D, 0D, 0A, 24, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
4.1394

Code size:
873.5 KB (894,464 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Password Generator

Command:
"C:\users\{user}\appdata\local\temp\{random}.tmp\passgen.exe" \windowstate=minimized


Scan passgen.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.