runkey.exe

Video Technology

Publisher:
Video Technology  (signed and verified)

MD5:
86e0c0ee314fce21aa4563019c41ee0b

SHA-1:
b08da6f425823ff5db29769b3537c6ac40dccfbe

SHA-256:
8d7461c06b965b5e589a99ac51a331955022c89a0d720d8725761b004c90afd9

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/27/2024 5:48:22 PM UTC

Scan engine | Detection | Engine version
ESET NOD32 | Win32/KeyLogger.Spyrix (variant) | 10.13434
McAfee | Artemis!86E0C0EE314F | 5600.6212
Sophos | Generic PUA LA (PUA) | 4.98

File size:
496.1 KB (508,048 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\runkey.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
5/15/2015 1:00:00 AM

Valid to:
5/15/2016 12:59:59 AM

Subject:
CN=Video Technology, O=Video Technology, STREET="86, 15 Karl Marks Street", L=Kirov, S=Kirov, PostalCode=610000, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
009B1136CEC0DAFFD7654D11E10DA50E0B

File PE Metadata
Compilation timestamp:
4/4/2016 8:53:50 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:18YFZFqHLLoRN888888888888W88888888888zAms9dsjtCm09GF/5cW/sbY3JhB:1V8HSA3spF02c1bYZspWIo

Entry address:
0x1000

Entry point:
68, 01, A0, 46, 00, E8, 01, 00, 00, 00, C3, C3, EC, 9D, 64, 30, 16, 0C, 01, 8A, 58, 0F, BF, 05, 80, E0, 20, E0, 94, EF, 66, 2A, 1A, AE, 52, 88, C0, C8, 4B, F4, 2B, 47, E8, 31, 52, 05, AF, BE, D9, C9, 95, 2D, FB, 3E, E2, A9, E7, CB, E9, DB, E1, 25, CD, AD, B3, 35, FE, 3B, 53, 63, F7, B7, 78, 54, 65, 05, 0E, F0, 81, 2B, 68, B0, F1, D0, 74, DE, 58, 81, 39, E6, EE, 96, EE, EF, 16, 25, 29, DF, 9A, 12, 1D, 23, 4E, 38, 1A, 47, 0C, 2A, AC, EF, 65, 4E, 14, CE, 4E, 08, 61, 62, 6E, 8C, 28, 8A, 67, 73, 9C, FD, 42, D6...

Entropy:
7.8052

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
284.5 KB (291,328 bytes)

Policies Explorer Run
Name:
localSPM
