runkey.exe

Video Technology

Publisher:
Video Technology  (signed and verified)

MD5:
e2228f11fb4512223235fdec7a8dc54b

SHA-1:
f3340d8f217aaa29c815534b69b3ed35ed02eb37

SHA-256:
8cbfb696bbdf1e5ba2ab43d435df8e0c7f392218c0cd5c132b95fc448a07b25a

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/24/2024 5:14:52 AM UTC

Scan engine           Detection                              Engine version
ESET NOD32            Win32/KeyLogger.Spyrix.F application   6.3.12010.0
Qihoo 360 Security    HEUR/QVM19.1.Malware.Gen               1.0.0.1120
Zillya! Antivirus     Adware.SpyrixCRTD.Win32.524            2.0.0.2909

File size:
496.1 KB (508,048 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\runkey.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
5/14/2015 9:00:00 PM

Valid to:
5/14/2016 8:59:59 PM

Subject:
CN=Video Technology, O=Video Technology, STREET="86, 15 Karl Marks Street", L=Kirov, S=Kirov, PostalCode=610000, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
009B1136CEC0DAFFD7654D11E10DA50E0B

File PE Metadata
Compilation timestamp:
4/4/2016 4:54:39 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:j0jdXS8VLWTu888888888888W88888888888fAms9dsjtCm09GM52rfcUzlQOyb:4jdFWTX3spF0z67hQNb

Entry address:
0x1000

Entry point:
68, 01, A0, 46, 00, E8, 01, 00, 00, 00, C3, C3, 49, 8B, DA, 39, 58, 00, 81, 5B, AD, DE, 1A, FD, E5, 9D, D7, 51, FE, F9, E9, 85, AE, AD, 60, 38, 57, 8E, 3C, 7C, F8, 98, 97, 80, 75, 7F, 7B, 9C, B2, 9E, 84, 14, 3F, BF, 3E, 05, 03, 92, 9E, C8, 9F, 16, A6, 78, C0, FE, 6B, 90, D0, 5F, A9, C9, 2D, A9, 8E, 35, C2, 9E, 24, E4, FE, 8C, 8A, C2, 2B, E8, FC, 15, B6, 24, 82, AD, 17, 6A, E9, FA, 0E, B0, 3E, 25, 3D, 43, AF, F9, 08, F3, CA, A3, 36, 1D, CA, FE, 98, 32, 14, 4E, 8F, 8A, 56, 13, 7B, 93, 69, 9F, DE, A7, E1, CE...
 

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
284.5 KB (291,328 bytes)

Policies Explorer Run
Name:
localSPM


Scan runkey.exe - Powered by Reason Core Security