home

runkey.exe

Video Technology

Publisher:
Video Technology  (signed and verified)

MD5:
526f9df3da54ffceb3982711692f2b56

SHA-1:
e5ecf8b8cb35be1b15158454d9cbe277700a4ebb

SHA-256:
3275ceea3204825e58efff612b5bda11f9cbcbd9b1b4c9ffcd6d2ead4bf3dbe4

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/27/2024 5:17:42 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/KeyLogger.Spyrix.F application
6.3

File size:
496.6 KB (508,560 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\runkey.exe

Digital Signature
Signed by:
Video Technology

Authority:
COMODO CA Limited

Valid from:
5/15/2015 2:00:00 AM

Valid to:
5/15/2016 1:59:59 AM

Subject:
CN=Video Technology, O=Video Technology, STREET="86, 15 Karl Marks Street", L=Kirov, S=Kirov, PostalCode=610000, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
009B1136CEC0DAFFD7654D11E10DA50E0B

File PE Metadata
Compilation timestamp:
4/8/2016 9:27:18 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:fMjNl70DZSPn888888888888W88888888888NAms9dsjtCm09Gxxm4GfHGx8aVND:fsyys3spF0tfSbVND

Entry address:
0x1000

Entry point:
68, 01, A0, 46, 00, E8, 01, 00, 00, 00, C3, C3, 49, 8B, DA, 39, 58, 02, B1, 83, 37, 7E, 49, 3B, 15, 6F, 11, 57, CF, 6B, E9, B6, B6, 69, A2, EB, 15, 8E, 3C, 7C, F8, 98, 97, 00, 75, 7F, 7B, 9C, AE, F4, 65, B8, CB, CB, 47, 45, 0B, A4, B6, 70, CA, 77, 23, 28, 01, 79, EB, A1, 7B, FB, 32, 1B, 9B, E0, 16, 38, DE, 6D, C7, 72, 96, 4B, 12, 5B, 12, 93, 20, 43, 9E, E6, 86, AD, 3A, C9, 70, EE, 4E, 1C, D0, 2E, 94, 8A, 66, 4B, 9E, 95, 57, 9B, E8, 8C, 5E, 49, EF, 2B, 42, 42, E4, 17, 75, 9E, D7, CD, 91, D7, 07, 6F, DF, 2F...
 
[+]

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
286.5 KB (293,376 bytes)

Policies Explorer Run
Name:
localSPM


Scan runkey.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.