home

runkey.exe

Video Technology

Publisher:
Video Technology  (signed and verified)

MD5:
f179485519a5f4721ab30bfea1889a73

SHA-1:
aae9cac2c443ed06aea051be33e885b6766251ca

SHA-256:
1f448bc00719cbbf4939cf0693ad52ddcf72b6e782e61cd5a6e32d0f685cf28b

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/5/2024 9:30:21 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/KeyLogger.Spyrix.F application
8.0.319.0

File size:
495.6 KB (507,536 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\runkey.exe

Digital Signature
Signed by:
Video Technology

Authority:
COMODO CA Limited

Valid from:
5/14/2015 8:00:00 PM

Valid to:
5/14/2016 7:59:59 PM

Subject:
CN=Video Technology, O=Video Technology, STREET="86, 15 Karl Marks Street", L=Kirov, S=Kirov, PostalCode=610000, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
009B1136CEC0DAFFD7654D11E10DA50E0B

File PE Metadata
Compilation timestamp:
4/4/2016 3:55:50 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:8fg4Nk71qfdQ888888888888W888888888885xAms9dsjtCm09GG/5cW/sbY3JhL:8gAfdwC3spF0Zc1bYZspU2u

Entry address:
0x1000

Entry point:
68, 01, A0, 46, 00, E8, 01, 00, 00, 00, C3, C3, EC, 9D, 64, 98, 3C, BA, 31, 52, D5, 5F, B6, E6, F8, 9D, 43, E3, 8C, 2B, B3, A7, 96, CC, 62, 3C, A8, A4, 78, 40, F0, 20, EA, AA, 4F, 6D, 06, 1E, 53, 5E, 71, 5B, 58, A7, 79, D9, 09, C8, 8B, A6, 68, 49, FD, 3B, 50, F2, 05, 54, 07, 49, D2, C1, 45, 6D, 49, A2, 53, AB, 3D, 0C, 74, B0, 16, 39, 96, C7, D4, 50, B3, D6, 6F, 96, E5, 87, F0, 60, 39, F4, 9C, 72, A5, 36, 9E, C7, 1A, C5, D1, 29, 38, A1, F7, 8D, 17, 6B, 22, 6B, F1, 30, 50, 36, ED, 65, E3, FE, 00, 7E, 95, DF...
 
[+]

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
284.5 KB (291,328 bytes)

Policies Explorer Run
Name:
localSPM


Scan runkey.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.