recoverkeyscmdv9.exe

ONE UP LTD.

The executable recoverkeyscmdv9.exe has been detected as malware by 1 anti-virus scanner.
Publisher:
ONE UP LTD.  (signed and verified)

MD5:
f95ceb94f408ab94ac5234f7cee22a71

SHA-1:
fd8e033d635935abf28e0d120f0376fbae369621

SHA-256:
4343dde84cb827003f26ff1b401e6e29313f519f4c1494855d4256f7812dbc09

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/24/2024 7:02:05 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Win32.Generic
16.12.25.19

File size:
11 MB (11,523,384 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\ltsvc\packages\mp\discoverkeys\recoverkeyscmdv9.exe

Digital Signature
Signed by:

Authority:
Starfield Technologies, Inc.

Valid from:
2/16/2016 4:34:38 AM

Valid to:
4/25/2019 8:33:03 AM

Subject:
CN=ONE UP LTD., O=ONE UP LTD., L=LIMASSOL, C=CY

Issuer:
SERIALNUMBER=10688435, CN=Starfield Secure Certification Authority, OU=http://certificates.starfieldtech.com/repository, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
66BBF05193DB18D4

File PE Metadata
Compilation timestamp:
11/14/2016 8:06:24 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.25

Entry address:
0x2B9578

Entry point:
55, 8B, EC, 83, C4, F0, A1, 5C, CB, 6E, 00, C6, 00, 01, B8, B4, 1C, 6B, 00, E8, F0, 31, D5, FF, E8, 23, D9, E4, FF, E8, 32, E9, D4, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.6739

Developed / compiled with:
Microsoft Visual C++

Code size:
2.7 MB (2,852,352 bytes)

Remove recoverkeyscmdv9.exe - Powered by Reason Core Security