remote_gast_4.exe

pcvisit client 4

pcvisit software ag

Publisher:
pcvisit software ag  (signed and verified)

Product:
pcvisit client 4

Version:
4, 3, 2, 1955

MD5:
79047be9f3f16c202ed694cd9984b763

SHA-1:
1c1562d71d8fb34b7500c6d220ed1a62ec164461

SHA-256:
0414c8dcd8178d4a4cee6c8289b4d7c87dbdb9904374fdbda0aaa32cf7191e5d

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/15/2024 7:01:34 AM UTC  (today)

Scan engine
Detection
Engine version

Baidu Antivirus
Win32.Trojan.WisdomEyes.151026.9950
4.0.3.16621

File size:
1 MB (1,057,640 bytes)

Product version:
4, 3, 2, 1955

Copyright:
Copyright © 2004-2007

Original file name:
client.exe

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
8/14/2008 2:00:00 AM

Valid to:
8/15/2010 1:59:59 AM

Subject:
CN=pcvisit software ag, OU=Development, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=pcvisit software ag, L=Dresden, S=Sachsen, C=DE

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
62B8580A3592F52C8C3B5E43E39FF4D5

File PE Metadata
Compilation timestamp:
1/16/2010 8:12:32 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
24576:bkcQOuiSRrMtQETm1p49y/r7RAnDuEocokauKPmb0aJVuXN64scx:b0drMtQETmP49+r72ZocovuKPmb0WeN1

Entry address:
0x2B4C0

Entry point:
B8, 0C, 96, 78, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 6A, 9B, 6C, 8D, 29, F2, 2C, E3, 71, 5A, 10, DA, 21, CB, AB, BD, 06, 63, 70, 97, 27, FB, 8D, F4, 35, DE, F9, C7, BA, F3, 47, 9B, 7E, 68, 0C, 8C, A7, F0, 3C, 1A, 1B, 57, AF, 00, 1D, 71, E8, 54, 31, 02, E7, AA, FA, 3A, 52, 4E, E7, 95, C6, 09, 62, E0, F1, CC, 36, 73, 4F, 21, CE, 42, 00, A1, 5D, 08, 36, 38, 65, F4, 9D, 2B, A5, F9, E9, 88, 49, 8E, 66, 8D, 0E, 91, 55, DA, 9D...
 
[+]

Packer / compiler:
PECompact v2

Code size:
1.7 MB (1,744,896 bytes)

Windows Firewall Allowed Program
Name:
remote_gast_4.exe


Scan remote_gast_4.exe - Powered by Reason Core Security