Seetrol_Clt.exe

Seetrol_Clt

Knowhow Information & Communication Inc

This is a setup program which is used to install the application. The file has been seen being downloaded from www.seetrol.com.
Publisher:
Knowhowinfocom, INC.  (signed by Knowhow Information & Communication Inc)

Product:
Seetrol_Clt

Description:
Seetrol_Clt 2016.04.25

Version:
2, 7, 10, 0

MD5:
3fa1fb480fe8104f554235b8b6e95be7

SHA-1:
1b8f0ac19996176ce607c97b7ef73f4ed31a2124

SHA-256:
9a2e335df8ad5929a4524d7d30a146c06350b1ddf81de1607b5fff04915f08f2

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
2/26/2025 11:30:40 AM UTC

Scan engine:
Qihoo 360 Security

Detection:
HEUR/QVM11.1.0000.Malware.Gen

Engine version:
1.0.0.1120

File size:
332 KB (339,944 bytes)

Product version:
2, 7, 10, 0

Copyright:
Copyright (C) Knowhowinfocom, INC.

Original file name:
Seetrol_Clt.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\seetrol_clt.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
6/17/2015 9:00:00 AM

Valid to:
8/16/2018 8:59:59 AM

Subject:
CN=Knowhow Information & Communication Inc, O=Knowhow Information & Communication Inc, L=Yongsan-gu, S=Seoul, C=KR

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
65792E61346781D02FE228A7E448F412

File PE Metadata
Compilation timestamp:
4/25/2016 11:11:47 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:RAsC0n2LEn+tgsp77O/nYCI33//ISkw5RN/vpKBovpz3gPdPk9O48eSSSK:SZy5+qs0njooSV5RPHpieN

Entry address:
0x104110

Entry point:
60, BE, 00, 40, 4B, 00, 8D, BE, 00, D0, F4, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89...
 

Entropy:
7.9120

Packer / compiler:
UPX 2.90LZMA

Code size:
324 KB (331,776 bytes)

Windows Firewall Allowed Program
Name:
seetrol_clt 2016.04.25


The file Seetrol_Clt.exe has been seen being distributed by the following URL.
