savu monitor.exe

Savu Application

Roccat GmbH

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘ROCCAT Savu Gaming Mouse’.
Publisher:
Roccat GmbH  (signed and verified)

Product:
Savu Application

Version:
1, 0, 1, 5

MD5:
ea1cf57690906b189f942e491b6f13ec

SHA-1:
602e9f780dd7e6b383896d33c3e4b5a3c29e6bf1

SHA-256:
36940302973ea0862db85026e0d158be6c8c4aa0ea2eab5b97a820c52b5efdda

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 7:59:39 AM UTC  (today)

File size:
859.6 KB (880,240 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2012

Original file name:
Savu.exe

File type:
Executable application (Win32 EXE)

Language:
Chinesisch (traditionell, Taiwan)

Common path:
C:\Program Files\roccat\savu mouse\savu monitor.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
6/27/2011 2:00:00 AM

Valid to:
6/27/2014 1:59:59 AM

Subject:
CN=Roccat GmbH, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Roccat GmbH, L=Hamburg, S=Hamburg, C=DE

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
440CF4532541B6243E6F15998E86697D

File PE Metadata
Compilation timestamp:
4/20/2012 4:01:25 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:n3/6VwFbfaAlgvcEPdvcc1xMaOqT1iLZpcEPdvcc1xMaOqT1iLZN:SV4jCA+

Entry address:
0x76B3

Entry point:
E8, EC, 2B, 00, 00, E9, 17, FE, FF, FF, 53, 8B, 5C, 24, 08, 56, 57, 8B, F9, C7, 07, E4, 32, 41, 00, 8B, 03, 85, C0, 74, 26, 50, E8, C8, 2C, 00, 00, 8B, F0, 46, 56, E8, 3D, FC, FF, FF, 85, C0, 59, 59, 89, 47, 04, 74, 12, FF, 33, 56, 50, E8, 45, 2C, 00, 00, 83, C4, 0C, EB, 04, 83, 67, 04, 00, C7, 47, 08, 01, 00, 00, 00, 8B, C7, 5F, 5E, 5B, C2, 04, 00, 8B, C1, 8B, 4C, 24, 04, C7, 00, E4, 32, 41, 00, 8B, 09, 83, 60, 08, 00, 89, 48, 04, C2, 08, 00, 53, 8B, 5C, 24, 08, 56, 8B, F1, C7, 06, E4, 32, 41, 00, 8B, 43...
 
[+]

Code size:
72 KB (73,728 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ROCCAT Savu Gaming Mouse

Command:
"C:\Program Files\roccat\savu mouse\savu monitor.exe" \automation


Scan savu monitor.exe - Powered by Reason Core Security