home

procloggersvc.exe

NoVirusThanks Process Logger Service

NoVirusThanks Company Srl

Publisher:
NoVirusThanks Company Srl  (signed and verified)

Product:
NoVirusThanks Process Logger Service

Version:
1.2.0.0

MD5:
a57e7bbe2645db82c21d1e869dff298f

SHA-1:
9fe69a62f23b6bcbcfa5e5232c05df4aa8b79423

SHA-256:
f7750875e068bffa57e360cc9956e1d8ea69c16db2c9cf8f6b4bc3b44ea93549

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 4:55:03 PM UTC  (today)

File size:
1.4 MB (1,488,816 bytes)

Product version:
1.2.0.0

Copyright:
NoVirusThanks Company Srl

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\service\32-bit\procloggersvc\service\procloggersvc.exe

Digital Signature
Signed by:
NoVirusThanks Company Srl

Authority:
GlobalSign nv-sa

Valid from:
5/5/2016 10:03:27 AM

Valid to:
6/24/2017 4:31:15 PM

Subject:
E=support@novirusthanks.org, CN=NoVirusThanks Company Srl, O=NoVirusThanks Company Srl, L=Castiglione Del Lago, S=Perugia, C=IT

Issuer:
CN=GlobalSign CodeSigning CA - G3, O=GlobalSign nv-sa, C=BE

Serial number:
310AC42B6B3AD0206ADD6F7E

File PE Metadata
Compilation timestamp:
6/20/2016 11:38:37 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:GazXH0uYs6A0+7vQfAJs0hWfPxLKhB2SwbD/imX3s2ZFhgMIQesAdVMhFRyFlbXH:IAwfAJcLKhwSU/imX3s2ZFhgMIbs9FRS

Entry address:
0x126224

Entry point:
55, 8B, EC, 83, C4, F0, 53, B8, 6C, EF, 51, 00, E8, AF, 52, EE, FF, A1, C0, BB, 52, 00, 8B, 00, 80, 78, 38, 00, 74, 10, A1, C0, BB, 52, 00, 8B, 00, E8, 96, 21, FF, FF, 84, C0, 74, 0C, A1, C0, BB, 52, 00, 8B, 00, 8B, 10, FF, 52, 44, 8B, 0D, 18, BB, 52, 00, A1, C0, BB, 52, 00, 8B, 00, 8B, 15, B4, BF, 51, 00, 8B, 18, FF, 53, 40, A1, C0, BB, 52, 00, 8B, 00, 8B, 10, FF, 52, 48, 5B, E8, E4, 0F, EE, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.5063

Developed / compiled with:
Microsoft Visual C++

Code size:
1.1 MB (1,201,152 bytes)

Scan procloggersvc.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.