punto.exe

Punto Switcher

OOO Yandex

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘PuntoSwitcher’.
Publisher:
ООО Яндекс  (signed by OOO Yandex)

Product:
Punto Switcher

Version:
3, 1, 0, 59

MD5:
7e1b4f5bcba8791ff3970624fe23357b

SHA-1:
12247207f3ed91cfdde50c73a67e290908a92ca6

SHA-256:
dc231adf8a4b0cfcac74e1e3cc3a1a9cd7890705910cd4f5dea19e77782f1a93

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 4:25:47 AM UTC  (today)

File size:
810.8 KB (830,248 bytes)

Product version:
3, 1, 0, 59

Copyright:
Copyright 2008-2009 ООО Яндекс

Trademarks:
Punto Switcher

Original file name:
punto.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\systemprogs\puntoswitcher\punto.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
1/22/2007 3:00:00 AM

Valid to:
2/5/2010 2:59:59 AM

Subject:
CN=OOO Yandex, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=OOO Yandex, L=Moscow, S=Moscow, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0EDF623F38757683D4FBF756F79369B4

File PE Metadata
Compilation timestamp:
3/30/2009 5:32:52 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:piUE186KSaFG80nlT4CzIjtGD7ZxsYcF6zddjlAtRe339Jk:/E186K/YnlyGD7ZxJE63lAtMC

Entry address:
0x3FC20

Entry point:
E8, 13, 83, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 56, 33, F6, 39, 75, 0C, 75, 1D, E8, 20, 33, 00, 00, 56, 56, 56, 56, 56, C7, 00, 16, 00, 00, 00, E8, 08, 92, 00, 00, 83, C4, 14, 83, C8, FF, EB, 27, FF, 75, 14, 8D, 45, E0, FF, 75, 10, C7, 45, E4, FF, FF, FF, 7F, FF, 75, 0C, C7, 45, EC, 42, 00, 00, 00, 50, 89, 75, E8, 89, 75, E0, FF, 55, 08, 83, C4, 10, 5E, C9, C3, 8B, FF, 55, 8B, EC, FF, 75, 0C, 6A, 00, FF, 75, 08, 68, 88, 81, 44, 00, E8, 92, FF, FF, FF, 83, C4, 10, 5D, C3, 8B, FF, 55...
 
[+]

Code size:
369.5 KB (378,368 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
PuntoSwitcher

Command:
C:\Program Files\systemprogs\puntoswitcher\punto.exe


Scan punto.exe - Powered by Reason Core Security