powerdiskws.exe

SOFTPERFECT PTY. LTD.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘RAMDiskForWorkstations’.
Publisher:
Vishwa Technologies  (signed by SOFTPERFECT PTY. LTD.)

Description:
Vishwa Technologies Power Drive (64-bit)

Version:
3.4.8.0

MD5:
28a9834ccf48eab6be3222b1db5ee27e

SHA-1:
0dd8463710f7f5837ab277f2a6af194fd0d4c0e7

SHA-256:
c813d8e1861e0cb93b4e0254464760e1901c72ab2ca6be55a7f195684543df29

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 12:41:47 AM UTC  (today)

File size:
3.2 MB (3,378,832 bytes)

Product version:
3.4.8.0

Copyright:
2016 Vishwa Technologies

File type:
Executable application (Win64 EXE)

Language:
English (Australia)

Common path:
C:\Program Files\vishwa technologies power drive\powerdiskws.exe

Digital Signature
Authority:
DigiCert Inc

Valid from:
3/31/2015 5:30:00 AM

Valid to:
4/3/2018 5:30:00 PM

Subject:
CN=SOFTPERFECT PTY. LTD., O=SOFTPERFECT PTY. LTD., L=FORTITUDE VALLEY, S=Queensland, C=AU

Issuer:
CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
089CBDB4B3C796312FE26CC5F616A9F6

File PE Metadata
Compilation timestamp:
10/16/2016 8:55:26 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

Entry address:
0x9823E0

Entry point:
EB, 08, A0, 2F, 2B, 00, 00, 00, 00, 00, E9, 63, A3, E1, FF, E9, 51, C9, FC, FF, A8, 59, 73, 72, 64, DD, 31, BF, 07, 84, EB, 31, 3F, 11, EB, 40, 31, 3F, 2B, 4C, 3F, 31, EA, 3D, E0, E5, 2A, 36, FB, 1E, E5, F7, C0, E8, F5, 52, F7, 40, E6, 73, 28, F7, C0, E1, 3E, BD, F7, 40, E2, BE, 57, F7, 40, EC, 1E, 29, F7, 40, FB, 50, D1, F7, 40, F8, F2, DF, F7, C0, EE, BD, 0C, F7, C0, D4, 2E, FB, F7, 15, C2, 18, D1, EC, C9, 04, 2E, E1, 31, 3F, 17, F5, 26, 31, BF, 19, 35, 64, B1, 2F, 09, 95, 72, 3A, 41, FF, FF, FF, FF, DE...
 
[+]

Entropy:
7.9195  (probably packed)

Code size:
3.8 MB (4,004,352 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
RAMDiskForWorkstations

Command:
"C:\Program Files\vishwa technologies power drive\powerdiskws.exe" \hide


Scan powerdiskws.exe - Powered by Reason Core Security