ShdTray.exe

SCMATE BACKUP TOOLS

Igloo systems Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Shield’.
Publisher:
WAREMATE Co., LTD.  (signed by Igloo systems Inc.)

Product:
SCMATE BACKUP TOOLS

Description:
Shield Tray

Version:
10.10

MD5:
5fd7acf8092441b0ef7ccb87705f2f5f

SHA-1:
c87b33f05212194eb1bbf9bf5b51c849bb83aa96

SHA-256:
b22093a07b526a7cfb7b25938cde56fdc35fcc01b1be879dcbf5e5510c702000

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/16/2024 1:17:28 AM UTC  (today)

File size:
73.4 KB (75,184 bytes)

Product version:
10.10

Copyright:
Copyright (C) WAREMATE Co., LTD. All rights reserved.

Original file name:
ShdTray.exe

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\scmateclientpro\shield\shdtray.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
12/29/2016 9:00:00 AM

Valid to:
1/27/2018 8:59:59 AM

Subject:
CN=Igloo systems Inc., O=Igloo systems Inc., L=Namyangju-si, S=Gyeonggi-do, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
22917BED7F897D7F85CAFEF9C1026E2B

File PE Metadata
Compilation timestamp:
1/22/2017 1:59:13 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x4074

Entry point:
48, 83, EC, 28, E8, D7, 03, 00, 00, 48, 83, C4, 28, E9, FA, FC, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 3B, 0D, 89, 7F, 00, 00, 75, 11, 48, C1, C1, 10, 66, F7, C1, FF, FF, 75, 02, F3, C3, 48, C1, C9, 10, E9, 49, 04, 00, 00, CC, 48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 8B, F2, 48, 8B, D9, F6, C2, 02, 74, 2A, 44, 8B, 41, F8, 4C, 8D, 0D, 8C, 05, 00, 00, BA, 18, 00, 00, 00, E8, 52, 01, 00, 00, 40, F6, C6, 01, 74, 09...
 
[+]

Entropy:
6.1236

Code size:
16.5 KB (16,896 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Shield

Command:
"C:\Program Files\scmateclientpro\shield\shdtray.exe"


Scan ShdTray.exe - Powered by Reason Core Security